
continuous internet traffic


André 46


Hello everyone,

I need your help because I must have picked up something nasty on my PC.

I will try to describe the situation briefly.

I have a Medion PC with an Intel Pentium D (dual-core) processor and Bitdefender 2011 (Internet Security) antivirus.

Following a mishandling, I wrecked the hard disk's MBR. I could no longer reinstall Windows XP with the CD supplied by Medion.

As I still had an XP Pro (with licence), I installed it and it works. (I immediately reinstalled Bitdefender.) As it is an old version of XP Pro, Windows Update did what was needed to install SP2 and SP3.

That is where my troubles begin. During the successive installations of the updates, Bitdefender reported (and deleted) files containing "trojans".

I also reinstalled various applications such as Firefox, Thunderbird, Office 2003, Acrobat Reader...

Since then, I constantly have "internet" traffic (which I can check on my Livebox as well as on Bitdefender's "activity analysis bar").

As a result, I can no longer update the Firefox add-ons, and an online scan with Kaspersky also failed.

In Bitdefender, in the firewall information, I found a file " \nos\...\adobe (or Acrobat) that was impossible to find on my hard disk. I deleted it, believing it was malware, but it made no difference. I also uninstalled Acrobat Reader (because I read that there was a flaw that allowed a possible takeover), but that changes nothing.

I am worried because I use the internet to manage my bank accounts.

I ran various scans with Bitdefender, which found traces of a rootkit that was modifying the names of certain files (without telling me which ones). After some manipulations, these messages no longer appear. I also ran several scans with "Malwarebytes' Anti-Malware", which finds nothing.

I am attaching a copy of the HijackThis and MBA files.

I hope you can look into my problem and either reassure me or find a solution.

Thank you in advance for your help.

André 46

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 09:51:11, on 12/09/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\BitDefender\BitDefender 2011\pchooklaunch32.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Mozilla Thunderbird\thunderbird.exe

C:\WINDOWS\system32\msiexec.exe

C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll

O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\IEToolbar.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe"

O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html

O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html

O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html

O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/Dcode/ActiveX/MSDcode.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1283427919218

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1283428267890

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: BitDefender Update Server v2 (Update Server) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe

O23 - Service: BitDefender Desktop Update Service (Updatesrv) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe

O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe

 

--

End of file - 6117 bytes

 

 

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

 

Version de la base de données: 4600

 

Windows 5.1.2600 Service Pack 3

Internet Explorer 8.0.6001.18702

 

12/09/2010 18:20:31

mbam-log-2010-09-12 (18-20-31).txt

 

Type d'examen: Examen complet (C:\|D:\|)

Elément(s) analysé(s): 221846

Temps écoulé: 44 minute(s), 26 seconde(s)

 

Processus mémoire infecté(s): 0

Module(s) mémoire infecté(s): 0

Clé(s) du Registre infectée(s): 0

Valeur(s) du Registre infectée(s): 0

Elément(s) de données du Registre infecté(s): 0

Dossier(s) infecté(s): 0

Fichier(s) infecté(s): 0

 

Processus mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Module(s) mémoire infecté(s):

(Aucun élément nuisible détecté)

 

Clé(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Valeur(s) du Registre infectée(s):

(Aucun élément nuisible détecté)

 

Elément(s) de données du Registre infecté(s):

(Aucun élément nuisible détecté)

 

Dossier(s) infecté(s):

(Aucun élément nuisible détecté)

 

Fichier(s) infecté(s):

(Aucun élément nuisible détecté)


Hi ;)

That is where my troubles begin. During the successive installations of the updates, Bitdefender reported (and deleted) files containing "trojans".

Can you post the report, please?

Download random's system information tool (RSIT) by random/random and save it to the Desktop.

  • Double-click RSIT.exe to launch RSIT.
  • Click Continue on the Disclaimer screen.
  • If the HijackThis tool (up-to-date version) is not present or not detected on the computer, RSIT will download it and you will have to accept the licence.
  • When the scan is finished, two text files will open. Post the contents of log.txt (<<which will be displayed)
    as well as info.txt (<<which will be minimized in the taskbar).
  • If you do not see these two reports, you will find them in the C:\rsit folder.


Hello Thanos,

First of all, thank you for looking into my case.

As for the "Bitdefender" reports, I have several. I am posting two: the one that contains the fewest alerts (the most recent) and the one that contains the most.

That said, I also ran scans in "safe mode" with the "System Restore" option disabled, which removed most of the alerts.

Thanks again for your help.

 

BitDefender - Fichier journal

 

Here, the latest scan, apparently free of any virus

 

Produit : BitDefender Internet Security 2011

Tâche d'analyse : Analyse Complète

Date du journal : dimanche 12 septembre 2010 00:48:48

Chemin du journal : C:\Documents and Settings\All Users\Application Data\BitDefender\Desktop\Profiles\Logs\6f349eda-6759-4378-b3c9-9174905515f7\1284242608_1_01.xml

 

Chemins d'analyse :

Chemin : C:\

Chemin : D:\

 

[-]Résumé de l'analyse détaillé

[-]Standard

Objets analysés : 217884

Élément(s) infecté(s) : 0 (aucun élément infecté n'a été détecté)

Élément(s) suspect(s) : 0 (aucun élément suspect n'a été détecté)

Élément(s) résolu(s) : 0 (aucune menace n'a été détectée au cours de cette analyse)

Élément(s) non résolu(s) : 0 (aucun problème n'est demeuré non résolu)

 

[-]Avancé

Temps d'analyse : 00: 45: 18

Fichiers par seconde : 80

Élément(s) ignoré(s) : 118869

Élément(s) avec mot de passe : 0

Élément(s) ultra-compressé(s) : 0

Archives analysées : 415

Erreurs I/O : 0

Secteurs de boot analysés : 6

Processus analysés : 7785

Processus infectés : 0

Clés de registre analysées : 13865

Clés de registre infectées : 0

Cookies analysés : 0

Cookies infectés : 0

 

[-]Options d'analyse

[-]Type des menaces ciblées

Détecter les virus : Oui

Détecter les adwares : Oui

Détecter les spywares : Oui

Détecter les applications : Oui

Détecter les dialers : Oui

Détecter les rootkits : Non

Recherche de keyloggers : Oui

 

[-]Options d'analyse antivirus :

Analyse des clés de registre : Oui

Analyser les cookies : Oui

Analyser les secteurs de boot : Oui

Analyser les processus mémoire : Oui

Analyser les archives : Oui

Analyser les packers lors de leur exécution : Oui

Analyser les e-mails : Oui

Analyser tous les fichiers : Oui

Analyse heuristique : Oui

Extensions analysées : non configuré

Extensions exclues : non configuré

 

[-]Traitement de la cible :

Première action par défaut pour les objets infectés : Désinfecter

Seconde action par défaut pour les objets infectés : Tout déplacer en quarantaine

Première action par défaut pour les objets suspects : Tout déplacer en quarantaine

Seconde action par défaut pour les objets suspects : Aucune

Action par défaut pour les objets camouflés : Aucune

Action par défaut pour les objets protégés par mot de passe : Enregistrer seulement

 

[-]Résumé de l'analyse

Signatures de virus : 6366697

 

Here, the scan that contains the most

 

BitDefender - Fichier journal

 

 

Produit : BitDefender Internet Security 2011

Tâche d'analyse : Analyse Approfondie

Date du journal : lundi 6 septembre 2010 00:46:50

Chemin du journal : C:\Documents and Settings\All Users\Application Data\BitDefender\Desktop\Profiles\Logs\dcf483c4-26d0-4e6f-ba28-6a53a00adae1\1283720217_1_03.xml

 

Chemins d'analyse :

Chemin : C:\

Chemin : D:\

 

[-]Synthèse des Résultats de l'Analyse

[-]Problèmes non résolus :Chemin d'accès à l'objet Nom de la menace État final

C:\Documents and Settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\ImapMail\ssl0.ovh-2.net\INBOX.sbd\Junk=>(message 73)=>[subject: Resume][Date: Thu, 19 Aug 2010 08:56:58 +0300]=>(MIME part)=>Resume.html Trojan.Script.472404 Infecté(s)

C:\Documents and Settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\ImapMail\ssl0.ovh-2.net\INBOX.sbd\Junk=>(message 72)=>[subject: *** PROBABLY SPAM *** Resume][Date: Thu, 19 Aug 2010 07:59:38 +0800]=>(MIME part)=>Resume.html Trojan.Script.472404 Infecté(s)

C:\MSOCache\All Users\9000040c-6000-11D3-8CFE-0150048383C9\PROI11N.MSI=>(Embedded EXE) Trojan.Generic.4253058 Infecté(s) (L’archive n'a pas pu être re-compressé)

C:\Documents and Settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\ImapMail\ssl0.ovh-2.net\INBOX.sbd\Spam=>(message 43)=>[subject: *** PROBABLY SPAM *** Resume][Date: Wed, 18 Aug 2010 21:07:18 -0300]=>(MIME part)=>Resume.html Trojan.Script.472404 Infecté(s)

C:\WINDOWS\Installer\1d9c8c.msi=>(Embedded EXE) Trojan.Generic.4253058 Infecté(s) (L’archive n'a pas pu être re-compressé)

C:\Documents and Settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\ImapMail\ssl0.ovh-2.net\INBOX.sbd\Spam=>(message 44)=>[subject: *** PROBABLY SPAM *** Resume][Date: Thu, 19 Aug 2010 11:05:00 +0700]=>(MIME part)=>Resume.html Trojan.Script.472404 Infecté(s)

C:\System Volume Information\_restore{E9D1ED56-503B-48FC-8DAA-D71EE92885E5}\RP22\A0019966.msi=>(Embedded EXE) Trojan.Generic.4253058 Infecté(s) (L’archive n'a pas pu être re-compressé)

 

[+]Problèmes résolusChemin d'accès à l'objet Nom de la menace État final

C:\Documents and Settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\ImapMail\ssl0.ovh-2.net\INBOX.sbd\Spam=>(message 52)=>[subject: *** PROBABLY SPAM *** Burress Wedding ][Date: Tue, 17 Aug 2010 20:25:57 +0300]=>(MIME part)=>BURRESS_WEDDING_AUGUST2010.zip=>BURRESS_WEDDING_AUGUST2010.exe Trojan.Agent.AQLJ Supprimé

C:\Documents and Settings\andre schroeven\Cookies\andre_schroeven@apmebf[1].txt Cookie.Apmebf Supprimé

C:\Documents and Settings\andre schroeven\Cookies\andre [email protected][2].txt Cookie.Weborama Supprimé

C:\Documents and Settings\andre schroeven\Cookies\andre_schroeven@hitbox[2].txt Cookie.Hitbox Supprimé

C:\Documents and Settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\ImapMail\ssl0.ovh-2.net\INBOX.sbd\Junk=>(message 96)=>[subject: *** PROBABLY SPAM *** Scan from a Xero][Date: Wed, 4 Aug 2010 01:04:55 +0300]=>(MIME part)=>Xerox WorkCentreReader.zip=>Xerox WorkCentreReader.exe Trojan.Downloader.Small.ABKN Supprimé

C:\Documents and Settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\ImapMail\ssl0.ovh-2.net\INBOX.sbd\Spam=>(message 53)=>[subject: *** PROBABLY SPAM *** Garages][Date: Mon, 16 Aug 2010 11:57:17 +0900]=>(MIME part)=>flash.zip=>flash.exe Trojan.Generic.KD.26961 Supprimé

C:\Documents and Settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\ImapMail\ssl0.ovh-2.net\INBOX.sbd\Junk=>(message 94)=>[subject: Software QA Engineer - 3+ Experience][Date: Mon, 9 Aug 2010 11:05:29 +0300]=>(MIME part)=>Rahul_Bhoraskar.zip=>Rahul_Bhoraskar.exe Trojan.Bredolab.CM Supprimé

C:\Documents and Settings\andre schroeven\Cookies\andre [email protected][2].txt Cookie.WebTrendsSt Supprimé

C:\Documents and Settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\ImapMail\ssl0.ovh-2.net\INBOX.sbd\Junk=>(message 112)=>[subject: *** PROBABLY SPAM *** Wing Ding 32 Pro][Date: Fri, 20 Aug 2010 06:35:12 +0100]=>(MIME part)=>Wing Ding 32 Official Program.zip=>Wing Ding 32 Official Program.exe Trojan.Generic.KD.27672 Supprimé

C:\Documents and Settings\andre schroeven\Cookies\andre [email protected][1].txt Cookie.2o7 Supprimé

C:\Documents and Settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\ImapMail\ssl0.ovh-2.net\INBOX.sbd\Junk=>(message 100)=>[subject: *** PROBABLY SPAM *** Account Alert!][Date: Wed, 21 Jul 2010 11:10:01 +0200]=>(MIME part)=>Upload Documents.zip=>Upload Documents.exe Trojan.Downloader.JNHZ Supprimé

C:\Documents and Settings\andre schroeven\Cookies\[email protected][2].txt Cookie.WebTrends Supprimé

C:\Documents and Settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\ImapMail\ssl0.ovh-2.net\INBOX.sbd\Junk=>(message 103)=>[subject: *** PROBABLY SPAM *** loustalou.com ac][Date: Thu, 29 Jul 2010 15:26:43 +0530]=>(MIME part)=>instructions.zip=>instructions.exe Trojan.Bredolab.CK Supprimé

C:\Documents and Settings\andre schroeven\Cookies\andre schroeven@weborama[1].txt Cookie.Weborama Supprimé

C:\Documents and Settings\andre schroeven\Cookies\[email protected][1].txt Cookie.Hitbox Supprimé

C:\Documents and Settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\ImapMail\ssl0.ovh-2.net\INBOX.sbd\Junk=>(message 97)=>[subject: *** PROBABLY SPAM *** Scan from a Xero][Date: Wed, 4 Aug 2010 00:06:16 +0200]=>(MIME part)=>Xerox WorkCentreReader.zip=>Xerox WorkCentreReader.exe Trojan.Downloader.Small.ABKN Supprimé

C:\Documents and Settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\ImapMail\ssl0.ovh-2.net\INBOX.sbd\Junk=>(message 92)=>[subject: FDIC has officially named your bank fa][Date: Thu, 5 Aug 2010 13:02:50 +0530]=>(MIME part)=>transaction report.zip=>transaction report.exe Trojan.Peed.Gen Supprimé

C:\Documents and Settings\andre schroeven\Cookies\andre_schroeven@mediaplex[1].txt Cookie.Mediaplex Supprimé

C:\Documents and Settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\ImapMail\ssl0.ovh-2.net\INBOX.sbd\Spam=>(message 54)=>[subject: *** PROBABLY SPAM *** Sales Dept][Date: Sun, 15 Aug 2010 13:08:52 +0530]=>(MIME part)=>ARICertificate-C4H736 + FVM4X48.zip=>ARICertificate-C4H736 + FVM4X48.exe Trojan.Generic.KD.26961 Supprimé

C:\Documents and Settings\andre schroeven\Cookies\andre schroeven@adviva[2].txt Cookie.Adviva Supprimé

C:\Documents and Settings\andre schroeven\Cookies\andre_schroeven@xiti[1].txt Cookie.Xiti Supprimé

C:\Documents and Settings\andre schroeven\Cookies\andre [email protected][2].txt Cookie.Weborama Supprimé

C:\Documents and Settings\andre schroeven\Cookies\andre_schroeven@doubleclick[1].txt Cookie.DoubleClick Supprimé

 

[-]Résumé de l'analyse détaillé

[-]Standard

Objets analysés : 409504

Élément(s) infecté(s) : 30

Élément(s) suspect(s) : 0 (aucun élément suspect n'a été détecté)

Élément(s) résolu(s) : 23

Élément(s) non résolu(s) : 7

 

[-]Avancé

Temps d'analyse : 01: 49: 51

Fichiers par seconde : 62

Élément(s) ignoré(s) : 68584

Élément(s) avec mot de passe : 0

Élément(s) ultra-compressé(s) : 0

Archives analysées : 944

Erreurs I/O : 0

Secteurs de boot analysés : 6

Processus analysés : 7920

Processus infectés : 0

Clés de registre analysées : 13872

Clés de registre infectées : 0

Cookies analysés : 44

Cookies infectés : 13

 

[-]Options d'analyse

[-]Type des menaces ciblées

Détecter les virus : Oui

Détecter les adwares : Oui

Détecter les spywares : Oui

Détecter les applications : Oui

Détecter les dialers : Oui

Détecter les rootkits : Oui

Recherche de keyloggers : Oui

 

[-]Options d'analyse antivirus :

Analyse des clés de registre : Oui

Analyser les cookies : Oui

Analyser les secteurs de boot : Oui

Analyser les processus mémoire : Oui

Analyser les archives : Oui

Analyser les packers lors de leur exécution : Oui

Analyser les e-mails : Oui

Analyser tous les fichiers : Oui

Analyse heuristique : Oui

Extensions analysées : non configuré

Extensions exclues : non configuré

 

[-]Traitement de la cible :

Première action par défaut pour les objets infectés : Désinfecter

Seconde action par défaut pour les objets infectés : Tout déplacer en quarantaine

Première action par défaut pour les objets suspects : Tout déplacer en quarantaine

Seconde action par défaut pour les objets suspects : Aucune

Action par défaut pour les objets camouflés : Aucune

Action par défaut pour les objets protégés par mot de passe : Enregistrer seulement

 

[-]Résumé de l'analyse

Signatures de virus : 6321515

 

Below, the two RSIT files

 

info.txt logfile of random's system information tool 1.08 2010-09-14 12:21:57

 

======Uninstall list======

 

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf

Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10i_Plugin.exe -maintain plugin

Adobe Reader 9.3.4 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A93000000001}

Advanced Renamer-->"C:\Program Files\Advanced Renamer\unins000.exe"

ArcSoft PhotoStudio 5.5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85309D89-7BE9-4094-BB17-24999C6118FC}\SETUP.EXE" -l0x40c

BitDefender Internet Security 2011-->C:\Program Files\Common Files\BitDefender\SetupInformation\{CFB8BDCE-8814-4B9A-8EA9-31DB74FEF0AE}\setup.exe /repair

BitDefender Internet Security 2011-->MsiExec.exe /I{CFB8BDCE-8814-4B9A-8EA9-31DB74FEF0AE}

Canon Camera Support Core Library-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{5662C158-CA24-4228-BF6C-596FADA08682} /l1036

Canon Camera Window DS for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{7B847C9D-6758-45E6-B598-3BD8F43EAE9E}

Canon Camera Window DVC for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{A70D14C6-FF2C-4B8E-A643-7E74EC607614}

Canon Camera Window for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{E73534D5-CC93-4C63-9072-5A9734255C74}

Canon EOS Kiss_N REBEL_XT 350D Pilote WIA -->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{33CF7CDF-9805-4500-9CC7-D19D52AD63C4}

Canon Internet Library for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{954BF446-BBC9-42CC-87A6-EBF0D55CA19A}

Canon MP Navigator 3.0-->"C:\Program Files\Canon\MP Navigator 3.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator 3.0\uninst.ini

Canon MP600 User Registration-->C:\Program Files\Canon\IJEREG\MP600\UNINST.EXE

Canon MP600-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP600\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP600 /L0x0009

Canon PhotoRecord-->MsiExec.exe /X{862983D7-FA08-493E-A9ED-6B7859E069D3}

Canon RAW Image Task for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{A0F34E4E-25F0-4B68-AE8F-EF0C15CB1FED}

Canon RemoteCapture Task for ZoomBrowser EX-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{28291BD5-92D2-4685-82DC-CCA925C53CCA}

Canon Utilities Digital Photo Professional 1.6.1-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{789CF5F1-3326-4B7B-9D01-31047E0F5651}

Canon Utilities Easy-PhotoPrint-->C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe uninst.ini

Canon Utilities EOS Capture 1.3-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{16480125-0428-4097-9A2A-74464004D169}

Canon Utilities File Viewer Utility 1.2-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{EF0DD8B7-471C-463B-A298-6066C2FABAF5}

Canon Utilities PhotoStitch 3.1-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{218BBBE3-FE63-4BB2-81A8-7435575A84FA}

Canon Utilities RemoteCapture 2.7-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{BEB03A1A-1EB6-48EB-9985-8B97315EE5C0}

Canon ZoomBrowser EX-->MsiExec.exe /X{C1D76D7A-F3BB-47EA-A746-5B1E2FFC1DF2}

CCleaner-->"C:\Program Files\CCleaner\uninst.exe"

CD-LabelPrint-->"C:\Program Files\Canon\CD-LabelPrint\Uninstal.exe" Canon.CDLabelPrint.Application

C-Media Card Reader Driver USB2.0-->C:\WINDOWS\system32\CmUCRRm.exe

DECAdry Express Business Cards 4-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{95398D6D-E2A6-45BC-A9B2-C8C1D9D00E6E} /l1036

Easy-WebPrint-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu"

High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"

HiJackThis-->MsiExec.exe /X{45A66726-69BC-466B-A7A4-12FCBA4883D7}

Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"

Hotfix for Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"

Java 6 Update 20-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216020FF}

LSI PCI-SV92PP Soft Modem-->C:\WINDOWS\agrsmdel

MagicTune3.6_Client_pivot-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1C04D433-2EDF-4AFB-B31B-C0B13065092F}\setup.exe" -l0x40c

Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"

Microsoft Office Professional Edition 2003-->MsiExec.exe /I{91E3040C-6000-11D3-8CFE-0150048383C9}

Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}

Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}

MozBackup 1.4.10-->C:\Program Files\MozBackup\Uninstall.exe

Mozilla Firefox (3.6.9)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe

Mozilla Thunderbird (3.1.3)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe

MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

Natural Color-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F51D9393-BB14-4566-99BF-D6ED63AEFCD7}\setup.exe"

NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI

Philips Media Manager 3.3.12.0004-->C:\Program Files\Philips\Media Manager\uninstall.exe

Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly

ScanSoft OmniPage SE 4.0-->MsiExec.exe /I{C1E693A4-B1D5-4DCD-B68D-2087835B7184}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

Security Update for Windows Internet Explorer 8 (KB2183461)-->"C:\WINDOWS\ie8updates\KB2183461-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB971961)-->"C:\WINDOWS\ie8updates\KB971961-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB981332)-->"C:\WINDOWS\ie8updates\KB981332-IE8\spuninst\spuninst.exe"

Security Update for Windows Internet Explorer 8 (KB982381)-->"C:\WINDOWS\ie8updates\KB982381-IE8\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9L$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB979402)-->"C:\WINDOWS\$NtUninstallKB979402_WM9$\spuninst\spuninst.exe"

Security Update for Windows Media Player (KB979402)-->"C:\WINDOWS\$NtUninstallKB979402_WM9L$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2079403)-->"C:\WINDOWS\$NtUninstallKB2079403$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2115168)-->"C:\WINDOWS\$NtUninstallKB2115168$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2160329)-->"C:\WINDOWS\$NtUninstallKB2160329$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"

Security Update for Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe"

Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"

Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf

Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"

Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"

Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"

Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"

Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"

Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"

Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"

Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"

Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"

Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"

Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"

Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"

Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"

Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"

Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"

Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"

Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"

Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"

Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"

Security Update for Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"

Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"

Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"

Security Update for Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"

Security Update for Windows XP (KB980436)-->"C:\WINDOWS\$NtUninstallKB980436$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981852)-->"C:\WINDOWS\$NtUninstallKB981852$\spuninst\spuninst.exe"

Security Update for Windows XP (KB981997)-->"C:\WINDOWS\$NtUninstallKB981997$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982214)-->"C:\WINDOWS\$NtUninstallKB982214$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982381)-->"C:\WINDOWS\$NtUninstallKB982381$\spuninst\spuninst.exe"

Security Update for Windows XP (KB982665)-->"C:\WINDOWS\$NtUninstallKB982665$\spuninst\spuninst.exe"

Services Off-line de Home'Bank-->C:\WINDOWS\IsUn040c.exe -f"C:\Program Files\ING\Off-line\Uninst.isu"

SiSoftware Sandra Lite 2010.SP2-->"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\unins000.exe"

Update for Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe"

Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"

Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"

Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"

Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"

Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"

Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"

Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"

Windows Live ID Sign-in Assistant-->MsiExec.exe /X{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}

Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"

ZebHelpProcess 2.34-->"C:\Program Files\ZebHelpProcess\unins000.exe"

ZHPDiag 1.25-->"C:\Program Files\ZHPDiag\unins000.exe"

 

======Security center information======

 

AV: BitDefender Antivirus

FW: BitDefender Pare-feu

 

======System event log======

 

Computer Name: LOUSTALOU

Event Code: 20

Message: Installation Failure: Windows failed to install the following update with error 0x80070002: Windows XP Service Pack 3 (KB936929).

 

Record Number: 479

Source Name: Windows Update Agent

Time Written: 20100902190646.000000+120

Event Type: error

User:

 

Computer Name: LOUSTALOU

Event Code: 4374

Message: Windows XP Service Pack 3 installation failed, leaving Windows XP partially updated.

Service Pack 3 installation did not complete.

 

Record Number: 478

Source Name: NtServicePack

Time Written: 20100902183816.000000+120

Event Type: error

User: LOUSTALOU\andre schroeven

 

Computer Name: LOUSTALOU

Event Code: 4373

Message: Windows XP Service Pack 3 installation failed.

The system cannot find the file specified.

 

 

Record Number: 469

Source Name: NtServicePack

Time Written: 20100902182906.000000+120

Event Type: error

User: LOUSTALOU\andre schroeven

 

Computer Name: LOUSTALOU

Event Code: 20

Message: Installation Failure: Windows failed to install the following update with error 0x80070643: Windows Internet Explorer 7 for Windows XP.

 

Record Number: 447

Source Name: Windows Update Agent

Time Written: 20100902174425.000000+120

Event Type: error

User:

 

Computer Name: LOUSTALOU

Event Code: 20

Message: Installation Failure: Windows failed to install the following update with error 0x80070643: Internet Explorer 8 for Windows XP.

 

Record Number: 382

Source Name: Windows Update Agent

Time Written: 20100902172342.000000+120

Event Type: error

User:

 

=====Application event log=====

 

Computer Name: LOUSTALOU

Event Code: 5603

Message: A provider, Rsop Planning Mode Provider, has been registered in the WMI namespace, root\RSOP, but did not specify the HostingModel property. This provider will be run using the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests. Ensure that provider has been reviewed for security behavior and update the HostingModel property of the provider registration to an account with the least privileges possible for the required functionality.

 

Record Number: 36

Source Name: WinMgmt

Time Written: 20100902152353.000000+120

Event Type: warning

User: NT AUTHORITY\SYSTEM

 

Computer Name: LOUSTALOU

Event Code: 63

Message: A provider, WMIProv, has been registered in the WMI namespace, Root\WMI, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

 

Record Number: 25

Source Name: WinMgmt

Time Written: 20100902150211.000000+120

Event Type: warning

User: LOUSTALOU\andre schroeven

 

Computer Name: LOUSTALOU

Event Code: 63

Message: A provider, HiPerfCooker_v1, has been registered in the WMI namespace, Root\WMI, to use the LocalSystem account. This account is privileged and the provider may cause a security violation if it does not correctly impersonate user requests.

 

Record Number: 24

Source Name: WinMgmt

Time Written: 20100902150211.000000+120

Event Type: warning

User: LOUSTALOU\andre schroeven

 

Computer Name: LOUSTALOU

Event Code: 4354

Message: The COM+ Event System failed to fire the ConnectionMade method on subscription {745D67FE-6F17-4DD5-BDFF-BF0BE202A767}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. The subscriber returned HRESULT 80004001.

Record Number: 23

Source Name: EventSystem

Time Written: 20100902134909.000000+120

Event Type: warning

User:

 

Computer Name: LOUSTALOU

Event Code: 4354

Message: The COM+ Event System failed to fire the StartShell method on subscription {A5978620-5B3F-F1D1-8ED2-00FA0035B753}-{00000000-0000-0000-0000-000000000000}-{00000000-0000-0000-0000-000000000000}. The subscriber returned HRESULT 80004001.

Record Number: 19

Source Name: EventSystem

Time Written: 20100902134125.000000+120

Event Type: warning

User:

 

======Environment variables======

 

"ComSpec"=%SystemRoot%\system32\cmd.exe

"Path"=%CommonProgramFiles%\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem

"windir"=%SystemRoot%

"OS"=Windows_NT

"PROCESSOR_ARCHITECTURE"=x86

"PROCESSOR_LEVEL"=15

"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 4, GenuineIntel

"PROCESSOR_REVISION"=0404

"NUMBER_OF_PROCESSORS"=2

"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH

"TEMP"=%SystemRoot%\TEMP

"TMP"=%SystemRoot%\TEMP

"FP_NO_HOST_CHECK"=NO

"SAN_DIR"=C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP2

 

-----------------EOF-----------------

 

Logfile of random's system information tool 1.08 (written by random/random)

Run by andre schroeven at 2010-09-14 12:20:08

Microsoft Windows XP Professional Service Pack 3

System drive C: has 67 GB (82%) free of 82 GB

Total RAM: 1022 MB (35% free)

 

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 12:20:52, on 14/09/2010

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\system32\CmUCReye.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\LSI SoftModem\agrsmsvc.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\BitDefender\BitDefender 2011\pchooklaunch32.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\BitDefender\BitDefender 2011\downloader.exe

D:\TOOLS\Download\Sécurité\RSIT.exe

C:\Program Files\trend micro\andre schroeven.exe

 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Actualité, Sport et Vidéo

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer, optimized for Bing and MSN

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll

O3 - Toolbar: BitDefender Toolbar - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\BitDefender\BitDefender 2011\IEToolbar.dll

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM\..\Run: [bitDefender Antiphishing Helper] "C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe"

O4 - HKLM\..\Run: [bDAgent] "C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [CmUCRRun] C:\WINDOWS\system32\CmUCReye.exe

O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: E&xporter vers Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html

O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html

O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html

O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html

O9 - Extra button: Recherche - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {0742B9EF-8C83-41CA-BFBA-830A59E23533} (Microsoft Data Collection Control) - https://support.microsoft.com/Dcode/ActiveX/MSDcode.cab

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1283427919218

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1283428267890

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: SiSoftware Deployment Agent Service (SandraAgentSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\RpcAgentSrv.exe

O23 - Service: BitDefender Update Server v2 (Update Server) - BitDefender - C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe

O23 - Service: BitDefender Desktop Update Service (Updatesrv) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe

O23 - Service: BitDefender Virus Shield (VSSERV) - BitDefender S.R.L. - C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe

 

--

End of file - 7375 bytes

 

======Registry dump======

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]

EWPBrowseObject Class - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-06-09 34304]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-09-12 41760]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]

JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-09-12 79648]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2006-06-09 552960]

{381FFDE8-2394-4F90-B10D-FC6124A40F8C} - BitDefender Toolbar - C:\Program Files\BitDefender\BitDefender 2011\IEToolbar.dll [2010-08-10 160320]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-09-23 7282688]

"NvMediaCenter"=NvMCTray.dll,NvTaskbarInit []

"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-04 69632]

"BitDefender Antiphishing Helper"=C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe [2010-08-10 71216]

"BDAgent"=C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe [2010-09-09 1405072]

"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]

"CmUCRRun"=C:\WINDOWS\system32\CmUCReye.exe [2006-07-12 237568]

"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-20 35760]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bing Bar]

C:\Program Files\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Microsoft Default Manager]

C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe -resume []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

C:\Program Files\Messenger\msmsgs.exe [2008-04-14 1695232]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]

nwiz.exe /install []

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]

C:\Program Files\ScanSoft\OmniPageSE4.0\OpwareSE4.exe [2006-10-11 75304]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]

C:\WINDOWS\RTHDCPL.EXE [2005-08-18 14820864]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]

C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-09-28 185896]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Color Calibration.lnk]

C:\PROGRA~1\SEC\MAGICT~1.6_C\GAMMAT~1.EXE [2004-07-03 36864]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MagicTune3.6.lnk]

C:\PROGRA~1\SEC\MAGICT~1.6_C\MAGICT~2.EXE [2004-12-30 45056]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^NaturalColorLoad.lnk]

C:\PROGRA~1\SEC\NATURA~1\NATURA~1.EXE [2002-04-12 155715]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^andre schroeven^Start Menu^Programs^Startup^Notification de cadeaux MSN.lnk]

C:\DOCUME~1\ANDRES~1\APPLIC~1\MICROS~1\NOTIFI~1\lsnfier.exe [2010-09-02 135680]

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^andre schroeven^Start Menu^Programs^Startup^Philips Media Manager.lnk]

C:\PROGRA~1\Philips\MEDIAM~1\PHILIP~1.EXE [2006-07-14 136704]

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]

C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]

"notification packages"=

scecli

scecli

scecli

scecli

scecli

 

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

 

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

 

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"HonorAutoRunSetting"=1

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\RpcAgentSrv.exe"="C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\RpcAgentSrv.exe:*:Enabled:SiSoftware Deployment Agent Service"

"C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\WNt500x86\RpcSandraSrv.exe"="C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\WNt500x86\RpcSandraSrv.exe:*:Enabled:SiSoftware Sandra Agent Service"

 

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

 

======List of files/folders created in the last 1 months======

 

2010-09-14 12:20:08 ----D---- C:\rsit

2010-09-13 23:54:48 ----D---- C:\Program Files\Common Files\Adobe

2010-09-13 23:54:48 ----D---- C:\Program Files\Adobe

2010-09-13 12:14:59 ----A---- C:\Documents and Settings\All Users\Application Data\xml112.tmp

2010-09-13 12:14:59 ----A---- C:\Documents and Settings\All Users\Application Data\xml111.tmp

2010-09-13 12:14:58 ----A---- C:\Documents and Settings\All Users\Application Data\xml110.tmp

2010-09-13 12:14:48 ----A---- C:\Documents and Settings\All Users\Application Data\xml10F.tmp

2010-09-13 12:09:59 ----A---- C:\WINDOWS\system32\XAudio2_7.dll

2010-09-13 12:09:59 ----A---- C:\WINDOWS\system32\XAPOFX1_5.dll

2010-09-13 12:09:58 ----A---- C:\WINDOWS\system32\xactengine3_7.dll

2010-09-13 12:09:58 ----A---- C:\WINDOWS\system32\D3DCompiler_43.dll

2010-09-13 12:09:57 ----A---- C:\WINDOWS\system32\d3dx11_43.dll

2010-09-13 12:09:57 ----A---- C:\WINDOWS\system32\d3dcsx_43.dll

2010-09-13 12:09:56 ----A---- C:\WINDOWS\system32\D3DX9_43.dll

2010-09-13 12:09:56 ----A---- C:\WINDOWS\system32\d3dx10_43.dll

2010-09-13 12:09:55 ----A---- C:\WINDOWS\system32\XAudio2_6.dll

2010-09-13 12:09:55 ----A---- C:\WINDOWS\system32\XAPOFX1_4.dll

2010-09-13 12:09:55 ----A---- C:\WINDOWS\system32\xactengine3_6.dll

2010-09-13 12:09:54 ----A---- C:\WINDOWS\system32\X3DAudio1_7.dll

2010-09-13 12:09:53 ----A---- C:\WINDOWS\system32\XAudio2_5.dll

2010-09-13 12:09:52 ----A---- C:\WINDOWS\system32\xactengine3_5.dll

2010-09-13 12:09:52 ----A---- C:\WINDOWS\system32\D3DCompiler_42.dll

2010-09-13 12:09:51 ----A---- C:\WINDOWS\system32\d3dcsx_42.dll

2010-09-13 12:09:50 ----A---- C:\WINDOWS\system32\d3dx11_42.dll

2010-09-13 12:09:50 ----A---- C:\WINDOWS\system32\d3dx10_42.dll

2010-09-13 12:09:49 ----A---- C:\WINDOWS\system32\D3DX9_42.dll

2010-09-13 12:09:48 ----A---- C:\WINDOWS\system32\D3DX9_41.dll

2010-09-13 12:09:48 ----A---- C:\WINDOWS\system32\d3dx10_41.dll

2010-09-13 12:09:48 ----A---- C:\WINDOWS\system32\D3DCompiler_41.dll

2010-09-13 12:09:47 ----A---- C:\WINDOWS\system32\XAudio2_4.dll

2010-09-13 12:09:47 ----A---- C:\WINDOWS\system32\XAPOFX1_3.dll

2010-09-13 12:09:46 ----A---- C:\WINDOWS\system32\xactengine3_4.dll

2010-09-13 12:09:46 ----A---- C:\WINDOWS\system32\X3DAudio1_6.dll

2010-09-13 12:09:45 ----A---- C:\WINDOWS\system32\d3dx10_40.dll

2010-09-13 12:09:45 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll

2010-09-13 12:09:44 ----A---- C:\WINDOWS\system32\XAudio2_3.dll

2010-09-13 12:09:44 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll

2010-09-13 12:09:44 ----A---- C:\WINDOWS\system32\D3DX9_40.dll

2010-09-13 12:09:43 ----A---- C:\WINDOWS\system32\xactengine3_3.dll

2010-09-13 12:09:43 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll

2010-09-13 12:09:42 ----A---- C:\WINDOWS\system32\XAudio2_2.dll

2010-09-13 12:09:42 ----A---- C:\WINDOWS\system32\XAPOFX1_1.dll

2010-09-13 12:09:42 ----A---- C:\WINDOWS\system32\xactengine3_2.dll

2010-09-13 12:09:41 ----A---- C:\WINDOWS\system32\d3dx10_39.dll

2010-09-13 12:09:41 ----A---- C:\WINDOWS\system32\D3DCompiler_39.dll

2010-09-13 12:09:40 ----A---- C:\WINDOWS\system32\D3DX9_39.dll

2010-09-13 12:09:39 ----A---- C:\WINDOWS\system32\XAudio2_1.dll

2010-09-13 12:09:39 ----A---- C:\WINDOWS\system32\XAPOFX1_0.dll

2010-09-13 12:09:39 ----A---- C:\WINDOWS\system32\xactengine3_1.dll

2010-09-13 12:09:38 ----A---- C:\WINDOWS\system32\X3DAudio1_4.dll

2010-09-13 12:09:38 ----A---- C:\WINDOWS\system32\d3dx10_38.dll

2010-09-13 12:09:38 ----A---- C:\WINDOWS\system32\D3DCompiler_38.dll

2010-09-13 12:09:37 ----A---- C:\WINDOWS\system32\D3DX9_38.dll

2010-09-13 12:09:36 ----A---- C:\WINDOWS\system32\XAudio2_0.dll

2010-09-13 12:09:36 ----A---- C:\WINDOWS\system32\xactengine3_0.dll

2010-09-13 12:09:36 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll

2010-09-13 12:09:35 ----A---- C:\WINDOWS\system32\d3dx10_37.dll

2010-09-13 12:09:35 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll

2010-09-13 12:09:34 ----A---- C:\WINDOWS\system32\xactengine2_10.dll

2010-09-13 12:09:34 ----A---- C:\WINDOWS\system32\D3DX9_37.dll

2010-09-13 12:09:33 ----A---- C:\WINDOWS\system32\d3dx10_36.dll

2010-09-13 12:09:33 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll

2010-09-13 12:09:32 ----A---- C:\WINDOWS\system32\d3dx9_36.dll

2010-09-13 12:09:31 ----A---- C:\WINDOWS\system32\xactengine2_9.dll

2010-09-13 12:09:30 ----A---- C:\WINDOWS\system32\d3dx9_35.dll

2010-09-13 12:09:30 ----A---- C:\WINDOWS\system32\d3dx10_35.dll

2010-09-13 12:09:30 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll

2010-09-13 12:09:29 ----A---- C:\WINDOWS\system32\xactengine2_8.dll

2010-09-13 12:09:29 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll

2010-09-13 12:09:28 ----A---- C:\WINDOWS\system32\d3dx9_34.dll

2010-09-13 12:09:28 ----A---- C:\WINDOWS\system32\d3dx10_34.dll

2010-09-13 12:09:28 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll

2010-09-13 12:09:27 ----A---- C:\WINDOWS\system32\xinput1_3.dll

2010-09-13 12:09:26 ----A---- C:\WINDOWS\system32\xactengine2_7.dll

2010-09-13 12:09:24 ----A---- C:\WINDOWS\system32\d3dx10_33.dll

2010-09-13 12:09:24 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll

2010-09-13 12:09:22 ----A---- C:\WINDOWS\system32\d3dx9_33.dll

2010-09-13 12:09:21 ----A---- C:\WINDOWS\system32\xactengine2_6.dll

2010-09-13 12:09:21 ----A---- C:\WINDOWS\system32\xactengine2_5.dll

2010-09-13 12:09:20 ----A---- C:\WINDOWS\system32\xactengine2_4.dll

2010-09-13 12:09:20 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll

2010-09-13 12:09:20 ----A---- C:\WINDOWS\system32\d3dx9_32.dll

2010-09-13 12:09:19 ----A---- C:\WINDOWS\system32\xactengine2_3.dll

2010-09-13 12:09:19 ----A---- C:\WINDOWS\system32\d3dx9_31.dll

2010-09-13 12:09:18 ----A---- C:\WINDOWS\system32\xinput1_2.dll

2010-09-13 12:09:18 ----A---- C:\WINDOWS\system32\xactengine2_2.dll

2010-09-13 12:09:17 ----A---- C:\WINDOWS\system32\xinput1_1.dll

2010-09-13 12:09:16 ----A---- C:\WINDOWS\system32\xactengine2_1.dll

2010-09-13 12:09:15 ----A---- C:\WINDOWS\system32\d3dx9_30.dll

2010-09-13 12:08:57 ----A---- C:\WINDOWS\system32\xactengine2_0.dll

2010-09-13 12:08:57 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll

2010-09-13 12:08:57 ----A---- C:\WINDOWS\system32\d3dx9_29.dll

2010-09-13 12:08:56 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll

2010-09-13 12:08:56 ----A---- C:\WINDOWS\system32\d3dx9_28.dll

2010-09-13 12:08:55 ----A---- C:\WINDOWS\system32\d3dx9_27.dll

2010-09-13 12:08:54 ----A---- C:\WINDOWS\system32\d3dx9_26.dll

2010-09-13 12:08:54 ----A---- C:\WINDOWS\system32\d3dx9_25.dll

2010-09-13 12:08:53 ----A---- C:\WINDOWS\system32\d3dx9_24.dll

2010-09-13 12:03:26 ----D---- C:\WINDOWS\Logs

2010-09-13 12:02:45 ----D---- C:\Program Files\SiSoftware

2010-09-13 11:53:42 ----D---- C:\Program Files\LSI SoftModem

2010-09-13 11:06:13 ----D---- C:\WINDOWS\system32\appmgmt

2010-09-12 13:52:00 ----D---- C:\WINDOWS\Sun

2010-09-12 13:51:53 ----D---- C:\Documents and Settings\All Users\Application Data\Sun

2010-09-12 13:51:51 ----D---- C:\Program Files\Common Files\Java

2010-09-12 13:51:29 ----A---- C:\WINDOWS\system32\javaws.exe

2010-09-12 13:51:29 ----A---- C:\WINDOWS\system32\javaw.exe

2010-09-12 13:51:29 ----A---- C:\WINDOWS\system32\java.exe

2010-09-12 13:51:29 ----A---- C:\WINDOWS\system32\deployJava1.dll

2010-09-12 13:51:07 ----D---- C:\Program Files\Java

2010-09-12 13:46:54 ----D---- C:\Documents and Settings\andre schroeven\Application Data\Sun

2010-09-12 13:39:45 ----A---- C:\TDSSKiller.2.4.2.1_12.09.2010_13.39.45_log.txt

2010-09-12 13:16:02 ----D---- C:\Program Files\CCleaner

2010-09-12 12:37:58 ----D---- C:\Documents and Settings\andre schroeven\Application Data\Hulubulu

2010-09-12 12:37:54 ----D---- C:\Program Files\Advanced Renamer

2010-09-12 10:09:33 ----D---- C:\Program Files\Common Files\Borland Shared

2010-09-12 10:09:33 ----A---- C:\WINDOWS\system32\DBCLIENT.DLL

2010-09-12 10:09:11 ----D---- C:\Program Files\ZebHelpProcess

2010-09-12 10:00:04 ----D---- C:\Program Files\ZHPDiag

2010-09-12 09:50:52 ----D---- C:\Program Files\Trend Micro

2010-09-11 13:15:31 ----A---- C:\WINDOWS\ntbtlog.txt

2010-09-11 01:00:35 ----HDC---- C:\WINDOWS\$NtUninstallKB982214$

2010-09-11 01:00:22 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9$

2010-09-11 01:00:14 ----HDC---- C:\WINDOWS\$NtUninstallKB2115168$

2010-09-11 01:00:01 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$

2010-09-11 00:59:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$

2010-09-11 00:59:26 ----HDC---- C:\WINDOWS\$NtUninstallKB981852$

2010-09-11 00:59:11 ----HDC---- C:\WINDOWS\$NtUninstallKB2079403$

2010-09-11 00:58:32 ----HDC---- C:\WINDOWS\$NtUninstallKB2160329$

2010-09-11 00:58:21 ----HDC---- C:\WINDOWS\$NtUninstallKB980436$

2010-09-11 00:58:03 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$

2010-09-11 00:57:45 ----HDC---- C:\WINDOWS\$NtUninstallKB2286198$

2010-09-11 00:57:33 ----HDC---- C:\WINDOWS\$NtUninstallKB981997$

2010-09-11 00:57:16 ----HDC---- C:\WINDOWS\$NtUninstallKB982665$

2010-09-11 00:49:11 ----D---- C:\WINDOWS\Prefetch

2010-09-11 00:45:39 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$

2010-09-11 00:45:20 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$

2010-09-11 00:44:57 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$

2010-09-11 00:44:35 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$

2010-09-11 00:44:16 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$

2010-09-11 00:43:56 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$

2010-09-11 00:43:37 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$

2010-09-11 00:43:17 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$

2010-09-11 00:42:56 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$

2010-09-11 00:42:36 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$

2010-09-11 00:42:16 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$

2010-09-11 00:41:55 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$

2010-09-11 00:41:32 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$

2010-09-11 00:41:12 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$

2010-09-11 00:40:52 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$

2010-09-11 00:40:31 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$

2010-09-11 00:40:12 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$

2010-09-11 00:39:52 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$

2010-09-11 00:39:32 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$

2010-09-11 00:39:12 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$

2010-09-11 00:38:51 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$

2010-09-11 00:38:31 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$

2010-09-11 00:38:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$

2010-09-11 00:37:50 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$

2010-09-11 00:37:30 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$

2010-09-11 00:37:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$

2010-09-11 00:36:50 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$

2010-09-11 00:36:29 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$

2010-09-11 00:36:09 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$

2010-09-11 00:35:49 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$

2010-09-11 00:35:29 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$

2010-09-11 00:35:08 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$

2010-09-11 00:34:48 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$

2010-09-11 00:34:26 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$

2010-09-11 00:34:04 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$

2010-09-11 00:33:44 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$

2010-09-11 00:33:24 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$

2010-09-11 00:33:05 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$

2010-09-11 00:32:45 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$

2010-09-11 00:32:25 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$

2010-09-11 00:32:05 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$

2010-09-11 00:31:46 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$

2010-09-11 00:31:26 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$

2010-09-11 00:31:06 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$

2010-09-11 00:30:41 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$

2010-09-11 00:30:19 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$

2010-09-11 00:29:57 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$

2010-09-11 00:29:38 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$

2010-09-11 00:29:12 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$

2010-09-11 00:28:49 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$

2010-09-11 00:28:25 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$

2010-09-11 00:28:01 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$

2010-09-11 00:27:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$

2010-09-11 00:27:21 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$

2010-09-11 00:27:02 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$

2010-09-11 00:26:40 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$

2010-09-11 00:26:18 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$

2010-09-11 00:25:56 ----HDC---- C:\WINDOWS\$NtUninstallKB2229593$

2010-09-11 00:10:27 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$

2010-09-09 12:12:42 ----D---- C:\Get-Rapports-2009

2010-09-07 12:54:11 ----D---- C:\Program Files\Common Files\i4j_jres

2010-09-07 12:53:57 ----D---- C:\Program Files\Philips

2010-09-07 10:56:54 ----HD---- C:\WINDOWS\PIF

2010-09-06 17:02:10 ----D---- C:\Documents and Settings\All Users\Application Data\bdch

2010-09-06 09:19:13 ----D---- C:\Documents and Settings\andre schroeven\Application Data\Malwarebytes

2010-09-06 09:18:42 ----A---- C:\WINDOWS\system32\drivers\mbam.sys

2010-09-06 09:18:39 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys

2010-09-06 09:18:38 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes

2010-09-06 09:18:37 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

2010-09-05 22:31:16 ----D---- C:\Documents and Settings\andre schroeven\Application Data\BitDefender

2010-09-05 22:21:22 ----D---- C:\Documents and Settings\andre schroeven\Application Data\QuickScan

2010-09-05 22:11:35 ----A---- C:\WINDOWS\system32\drivers\bdfsfltr.sys

2010-09-05 21:46:28 ----A---- C:\WINDOWS\system32\drivers\trufos.sys

2010-09-05 21:46:22 ----A---- C:\WINDOWS\system32\drivers\bdrawpr.sys

2010-09-05 15:57:34 ----D---- C:\Documents and Settings\andre schroeven\Application Data\Canon

2010-09-05 15:34:27 ----N---- C:\WINDOWS\system32\spmsg.dll

2010-09-05 15:34:24 ----HDC---- C:\WINDOWS\$NtUninstallKB935448$

2010-09-05 15:02:38 ----A---- C:\WINDOWS\OpPrintServer.INI

2010-09-05 00:19:40 ----D---- C:\WINDOWS\system32\Lang

2010-09-05 00:18:03 ----A---- C:\WINDOWS\system32\drivers\splitter.sys

2010-09-05 00:18:01 ----A---- C:\WINDOWS\system32\drivers\wdmaud.sys

2010-09-05 00:18:00 ----A---- C:\WINDOWS\system32\drivers\dmusic.sys

2010-09-05 00:17:58 ----A---- C:\WINDOWS\system32\drivers\swmidi.sys

2010-09-05 00:17:57 ----A---- C:\WINDOWS\system32\drivers\aec.sys

2010-09-05 00:17:55 ----A---- C:\WINDOWS\system32\drivers\kmixer.sys

2010-09-05 00:17:53 ----A---- C:\WINDOWS\system32\drivers\drmkaud.sys

2010-09-05 00:17:49 ----A---- C:\WINDOWS\system32\drivers\sysaudio.sys

2010-09-05 00:17:46 ----A---- C:\WINDOWS\system32\drivers\mskssrv.sys

2010-09-05 00:17:42 ----A---- C:\WINDOWS\system32\drivers\mspqm.sys

2010-09-05 00:17:39 ----A---- C:\WINDOWS\system32\drivers\mspclock.sys

2010-09-05 00:17:08 ----A---- C:\WINDOWS\system32\ksuser.dll

2010-09-05 00:17:05 ----A---- C:\WINDOWS\system32\drivers\drmk.sys

2010-09-05 00:11:35 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$

2010-09-05 00:11:15 ----A---- C:\WINDOWS\HideWin.exe

2010-09-05 00:11:13 ----A---- C:\WINDOWS\SOUNDMAN.EXE

2010-09-05 00:11:13 ----A---- C:\WINDOWS\RTHDCPL.EXE

2010-09-05 00:11:13 ----A---- C:\WINDOWS\MicCal.exe

2010-09-05 00:11:13 ----A---- C:\WINDOWS\ALCWZRD.EXE

2010-09-05 00:11:13 ----A---- C:\WINDOWS\ALCMTR.EXE

2010-09-05 00:11:12 ----D---- C:\WINDOWS\system32\RTCOM

2010-09-05 00:11:12 ----A---- C:\WINDOWS\system32\drivers\RtkHDAud.sys

2010-09-05 00:11:12 ----A---- C:\WINDOWS\system32\ChCfg.exe

2010-09-05 00:11:12 ----A---- C:\WINDOWS\RTLCPL.EXE

2010-09-05 00:11:03 ----D---- C:\Program Files\Realtek

2010-09-05 00:10:55 ----A---- C:\WINDOWS\RtlExUpd.dll

2010-09-05 00:09:31 ----D---- C:\Documents and Settings\andre schroeven\Application Data\Macromedia

2010-09-04 23:45:14 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe

2010-09-04 19:53:49 ----A---- C:\WINDOWS\system32\vbar332.dll

2010-09-04 19:53:49 ----A---- C:\WINDOWS\system32\Vb5db.dll

2010-09-04 19:53:49 ----A---- C:\WINDOWS\system32\msxbse35.dll

2010-09-04 19:53:49 ----A---- C:\WINDOWS\system32\msrepl35.dll

2010-09-04 19:53:49 ----A---- C:\WINDOWS\system32\msrd2x35.dll

2010-09-04 19:53:49 ----A---- C:\WINDOWS\system32\Msjint35.dll

2010-09-04 19:53:49 ----A---- C:\WINDOWS\system32\msjet35.dll

2010-09-04 19:53:48 ----A---- C:\WINDOWS\system32\msjter35.dll

2010-09-04 19:53:48 ----A---- C:\WINDOWS\system32\Dzactx.dll

2010-09-04 19:53:48 ----A---- C:\WINDOWS\system32\Duzactx.dll

2010-09-04 19:53:48 ----A---- C:\WINDOWS\system32\actrpt.dll

2010-09-04 19:53:46 ----A---- C:\WINDOWS\system32\Dzip32.dll

2010-09-04 19:53:46 ----A---- C:\WINDOWS\system32\Dunzip32.dll

2010-09-04 19:53:46 ----A---- C:\WINDOWS\system32\Adme.dll

2010-09-04 19:53:45 ----A---- C:\WINDOWS\system32\Wint351.exe

2010-09-04 19:53:45 ----A---- C:\WINDOWS\system32\Dtcutil.dll

2010-09-04 19:53:45 ----A---- C:\WINDOWS\system32\Dtctrace.dll

2010-09-04 19:53:44 ----A---- C:\WINDOWS\system32\Dtccm.dll

2010-09-04 19:53:44 ----A---- C:\WINDOWS\system32\Axdist.exe

2010-09-04 19:53:11 ----D---- C:\Program Files\ING

2010-09-04 19:52:45 ----A---- C:\WINDOWS\IsUn040c.exe

2010-09-04 15:14:33 ----A---- C:\WINDOWS\system32\SET12BC.tmp

2010-09-04 15:14:29 ----A---- C:\WINDOWS\system32\SET12B6.tmp

2010-09-04 15:13:58 ----A---- C:\WINDOWS\system32\SET1290.tmp

2010-09-04 15:13:25 ----A---- C:\WINDOWS\system32\SET1267.tmp

2010-09-04 15:13:20 ----A---- C:\WINDOWS\system32\SET1261.tmp

2010-09-04 15:13:16 ----A---- C:\WINDOWS\system32\SET125C.tmp

2010-09-04 15:13:12 ----A---- C:\WINDOWS\system32\SET1257.tmp

2010-09-04 15:13:07 ----A---- C:\WINDOWS\system32\SET1252.tmp

2010-09-04 14:26:59 ----A---- C:\WINDOWS\fonts\SET6E0.tmp

2010-09-04 14:26:58 ----A---- C:\WINDOWS\fonts\SET6DF.tmp

2010-09-04 14:26:57 ----A---- C:\WINDOWS\fonts\SET6DE.tmp

2010-09-04 14:26:56 ----A---- C:\WINDOWS\fonts\SET6DD.tmp

2010-09-04 14:26:55 ----A---- C:\WINDOWS\fonts\SET6DC.tmp

2010-09-04 14:26:54 ----A---- C:\WINDOWS\fonts\SET6DB.tmp

2010-09-04 14:26:44 ----A---- C:\WINDOWS\SET6D1.tmp

2010-09-04 14:26:08 ----A---- C:\WINDOWS\system32\SET6AC.tmp

2010-09-04 14:26:06 ----A---- C:\WINDOWS\system32\SET6AA.tmp

2010-09-04 14:26:04 ----A---- C:\WINDOWS\system32\SET6A8.tmp

2010-09-04 14:26:01 ----A---- C:\WINDOWS\system32\SET6A4.tmp

2010-09-04 14:25:59 ----A---- C:\WINDOWS\system32\SET6A1.tmp

2010-09-04 14:25:51 ----A---- C:\WINDOWS\system32\SET698.tmp

2010-09-04 14:25:50 ----A---- C:\WINDOWS\system32\SET697.tmp

2010-09-04 14:25:46 ----A---- C:\WINDOWS\system32\SET693.tmp

2010-09-04 14:25:46 ----A---- C:\WINDOWS\system32\SET692.tmp

2010-09-04 14:25:42 ----A---- C:\WINDOWS\system32\SET68E.tmp

2010-09-04 14:25:42 ----A---- C:\WINDOWS\system32\SET68D.tmp

2010-09-04 14:25:40 ----A---- C:\WINDOWS\system32\SET68C.tmp

2010-09-04 14:25:35 ----A---- C:\WINDOWS\system32\SET686.tmp

2010-09-04 14:25:33 ----A---- C:\WINDOWS\system32\SET682.tmp

2010-09-04 14:25:30 ----A---- C:\WINDOWS\system32\SET67E.tmp

2010-09-04 14:25:27 ----A---- C:\WINDOWS\system32\SET678.tmp

2010-09-04 14:25:23 ----A---- C:\WINDOWS\system32\SET673.tmp

2010-09-04 14:25:18 ----A---- C:\WINDOWS\system32\SET668.tmp

2010-09-04 14:25:11 ----A---- C:\WINDOWS\system32\SET659.tmp

2010-09-04 14:25:10 ----A---- C:\WINDOWS\system32\SET658.tmp

2010-09-04 14:25:06 ----A---- C:\WINDOWS\system32\SET652.tmp

2010-09-04 14:25:04 ----A---- C:\WINDOWS\system32\SET64F.tmp

2010-09-04 14:25:01 ----A---- C:\WINDOWS\system32\SET64C.tmp

2010-09-04 14:25:01 ----A---- C:\WINDOWS\system32\SET64B.tmp

2010-09-04 14:24:59 ----A---- C:\WINDOWS\system32\SET649.tmp

2010-09-04 14:24:58 ----A---- C:\WINDOWS\system32\SET647.tmp

2010-09-04 14:24:56 ----A---- C:\WINDOWS\system32\SET645.tmp

2010-09-04 14:24:55 ----A---- C:\WINDOWS\system32\SET644.tmp

2010-09-04 14:24:54 ----A---- C:\WINDOWS\system32\SET643.tmp

2010-09-04 14:24:53 ----A---- C:\WINDOWS\system32\SET640.tmp

2010-09-04 14:24:52 ----A---- C:\WINDOWS\system32\SET63E.tmp

2010-09-04 14:24:51 ----A---- C:\WINDOWS\system32\SET63D.tmp

2010-09-04 14:24:50 ----A---- C:\WINDOWS\system32\SET63B.tmp

2010-09-04 14:24:43 ----A---- C:\WINDOWS\system32\SET627.tmp

2010-09-04 14:24:37 ----A---- C:\WINDOWS\system32\SET61E.tmp

2010-09-04 14:24:12 ----A---- C:\WINDOWS\system32\SET5FB.tmp

2010-09-04 14:24:08 ----A---- C:\WINDOWS\system32\SET5F4.tmp

2010-09-04 14:24:08 ----A---- C:\WINDOWS\system32\SET5F3.tmp

2010-09-04 14:23:53 ----A---- C:\WINDOWS\system32\SET5DF.tmp

2010-09-04 14:23:44 ----A---- C:\WINDOWS\system32\SET5D1.tmp

2010-09-04 14:23:40 ----A---- C:\WINDOWS\system32\SET5CD.tmp

2010-09-04 14:23:33 ----A---- C:\WINDOWS\system32\SET5C1.tmp

2010-09-04 14:23:32 ----A---- C:\WINDOWS\system32\SET5C0.tmp

2010-09-04 14:23:31 ----A---- C:\WINDOWS\system32\SET5BF.tmp

2010-09-04 14:23:29 ----A---- C:\WINDOWS\system32\SET5BD.tmp

2010-09-04 14:23:25 ----A---- C:\WINDOWS\system32\SET5B4.tmp

2010-09-04 14:23:16 ----A---- C:\WINDOWS\system32\SET5A6.tmp

2010-09-04 14:23:13 ----A---- C:\WINDOWS\system32\SET5A1.tmp

2010-09-04 14:23:07 ----A---- C:\WINDOWS\system32\SET59B.tmp

2010-09-04 14:23:07 ----A---- C:\WINDOWS\system32\SET59A.tmp

2010-09-04 14:23:05 ----A---- C:\WINDOWS\system32\SET597.tmp

2010-09-04 14:23:00 ----A---- C:\WINDOWS\system32\SET590.tmp

2010-09-04 14:22:48 ----A---- C:\WINDOWS\system32\SET57E.tmp

2010-09-04 14:22:44 ----A---- C:\WINDOWS\system32\SET57A.tmp

2010-09-04 14:22:40 ----A---- C:\WINDOWS\system32\SET572.tmp

2010-09-04 14:22:38 ----A---- C:\WINDOWS\system32\SET56F.tmp

2010-09-04 14:22:36 ----A---- C:\WINDOWS\system32\SET56C.tmp

2010-09-04 14:22:33 ----A---- C:\WINDOWS\system32\SET568.tmp

2010-09-04 14:22:18 ----A---- C:\WINDOWS\system32\SET552.tmp

2010-09-04 14:22:16 ----A---- C:\WINDOWS\system32\SET550.tmp

2010-09-04 14:22:12 ----A---- C:\WINDOWS\system32\SET54C.tmp

2010-09-04 14:22:11 ----A---- C:\WINDOWS\system32\SET549.tmp

2010-09-04 14:22:07 ----A---- C:\WINDOWS\system32\SET545.tmp

2010-09-04 14:22:04 ----A---- C:\WINDOWS\system32\SET53E.tmp

2010-09-04 14:21:58 ----A---- C:\WINDOWS\system32\SET530.tmp

2010-09-04 14:21:54 ----A---- C:\WINDOWS\system32\SET52C.tmp

2010-09-04 14:21:53 ----A---- C:\WINDOWS\system32\SET52B.tmp

2010-09-04 14:21:49 ----A---- C:\WINDOWS\system32\SET526.tmp

2010-09-04 14:21:39 ----A---- C:\WINDOWS\system32\SET513.tmp

2010-09-04 14:21:33 ----A---- C:\WINDOWS\system32\SET505.tmp

2010-09-04 14:21:32 ----A---- C:\WINDOWS\system32\SET503.tmp

2010-09-04 14:21:31 ----A---- C:\WINDOWS\system32\SET500.tmp

2010-09-04 14:21:27 ----A---- C:\WINDOWS\system32\SET4FB.tmp

2010-09-04 14:21:26 ----A---- C:\WINDOWS\system32\SET4F6.tmp

2010-09-04 14:21:24 ----A---- C:\WINDOWS\system32\SET4F0.tmp

2010-09-04 14:21:24 ----A---- C:\WINDOWS\system32\SET4EF.tmp

2010-09-04 14:21:23 ----A---- C:\WINDOWS\system32\SET4EE.tmp

2010-09-04 14:21:20 ----A---- C:\WINDOWS\system32\SET4E9.tmp

2010-09-04 14:21:08 ----A---- C:\WINDOWS\system32\SET4D6.tmp

2010-09-04 14:21:03 ----A---- C:\WINDOWS\system32\SET4CF.tmp

2010-09-04 14:21:01 ----A---- C:\WINDOWS\system32\SET4CB.tmp

2010-09-04 14:21:00 ----A---- C:\WINDOWS\system32\SET4C5.tmp

2010-09-04 14:20:58 ----A---- C:\WINDOWS\system32\SET4C2.tmp

2010-09-04 14:20:57 ----A---- C:\WINDOWS\system32\SET4C0.tmp

2010-09-04 14:20:56 ----A---- C:\WINDOWS\system32\SET4BB.tmp

2010-09-04 14:20:54 ----A---- C:\WINDOWS\system32\SET4AE.tmp

2010-09-04 14:20:36 ----A---- C:\WINDOWS\system32\SET48F.tmp

2010-09-04 14:20:35 ----A---- C:\WINDOWS\system32\SET48E.tmp

2010-09-04 14:20:33 ----A---- C:\WINDOWS\system32\SET48A.tmp

2010-09-04 14:20:30 ----A---- C:\WINDOWS\system32\SET487.tmp

2010-09-04 14:20:19 ----A---- C:\WINDOWS\system32\SET475.tmp

2010-09-04 14:20:18 ----A---- C:\WINDOWS\system32\SET474.tmp

2010-09-04 14:20:14 ----A---- C:\WINDOWS\system32\SET471.tmp

2010-09-04 14:20:13 ----A---- C:\WINDOWS\system32\SET470.tmp

2010-09-04 14:20:05 ----A---- C:\WINDOWS\system32\SET460.tmp

2010-09-04 14:19:59 ----A---- C:\WINDOWS\system32\SET459.tmp

2010-09-04 14:19:55 ----A---- C:\WINDOWS\system32\SET44C.tmp

2010-09-04 14:19:53 ----A---- C:\WINDOWS\system32\SET449.tmp

2010-09-04 14:19:52 ----A---- C:\WINDOWS\system32\SET448.tmp

2010-09-04 14:19:50 ----A---- C:\WINDOWS\system32\SET445.tmp

2010-09-04 14:19:48 ----A---- C:\WINDOWS\system32\SET440.tmp

2010-09-04 14:19:46 ----A---- C:\WINDOWS\system32\SET43F.tmp

2010-09-04 14:19:44 ----A---- C:\WINDOWS\system32\SET439.tmp

2010-09-04 14:19:43 ----A---- C:\WINDOWS\system32\SET438.tmp

2010-09-04 14:19:41 ----A---- C:\WINDOWS\system32\SET432.tmp

2010-09-04 14:19:38 ----A---- C:\WINDOWS\system32\SET425.tmp

2010-09-04 14:19:36 ----A---- C:\WINDOWS\system32\SET422.tmp

2010-09-04 14:19:35 ----A---- C:\WINDOWS\system32\SET420.tmp

2010-09-04 14:19:34 ----A---- C:\WINDOWS\system32\SET41F.tmp

2010-09-04 14:19:30 ----A---- C:\WINDOWS\system32\SET417.tmp

2010-09-04 14:19:29 ----A---- C:\WINDOWS\system32\SET410.tmp

2010-09-04 14:19:28 ----A---- C:\WINDOWS\system32\SET40D.tmp

2010-09-04 14:19:24 ----A---- C:\WINDOWS\system32\SET3FD.tmp

2010-09-04 14:19:22 ----A---- C:\WINDOWS\system32\SET3F7.tmp

2010-09-04 14:19:20 ----A---- C:\WINDOWS\system32\SET3EE.tmp

2010-09-04 14:19:19 ----A---- C:\WINDOWS\system32\SET3E6.tmp

2010-09-04 14:19:18 ----A---- C:\WINDOWS\system32\SET3E4.tmp

2010-09-04 14:19:17 ----A---- C:\WINDOWS\system32\SET3DF.tmp

2010-09-04 14:19:16 ----A---- C:\WINDOWS\system32\SET3D5.tmp

2010-09-04 14:19:15 ----A---- C:\WINDOWS\system32\SET3D1.tmp

2010-09-04 14:19:14 ----A---- C:\WINDOWS\system32\SET3CE.tmp

2010-09-04 14:19:13 ----A---- C:\WINDOWS\system32\SET3CD.tmp

2010-09-04 14:19:12 ----A---- C:\WINDOWS\system32\SET3CA.tmp

2010-09-04 14:19:11 ----A---- C:\WINDOWS\system32\SET3C8.tmp

2010-09-04 14:19:11 ----A---- C:\WINDOWS\system32\SET3C7.tmp

2010-09-04 14:19:08 ----A---- C:\WINDOWS\system32\SET3C3.tmp

2010-09-04 14:19:07 ----A---- C:\WINDOWS\system32\SET3C2.tmp

2010-09-04 14:19:02 ----A---- C:\WINDOWS\system32\SET3AE.tmp

2010-09-04 14:19:01 ----A---- C:\WINDOWS\system32\SET3AC.tmp

2010-09-04 14:18:47 ----A---- C:\WINDOWS\system32\SET383.tmp

2010-09-04 14:18:44 ----A---- C:\WINDOWS\system32\SET377.tmp

2010-09-04 14:18:43 ----A---- C:\WINDOWS\system32\SET374.tmp

2010-09-04 14:18:40 ----A---- C:\WINDOWS\system32\SET36D.tmp

2010-09-04 14:18:40 ----A---- C:\WINDOWS\system32\SET36C.tmp

2010-09-04 14:18:38 ----A---- C:\WINDOWS\system32\SET35F.tmp

2010-09-04 14:18:26 ----A---- C:\WINDOWS\system32\SET341.tmp

2010-09-04 14:18:26 ----A---- C:\WINDOWS\system32\SET33F.tmp

2010-09-04 14:18:25 ----A---- C:\WINDOWS\system32\SET33E.tmp

2010-09-04 14:18:23 ----A---- C:\WINDOWS\system32\SET339.tmp

2010-09-04 14:18:21 ----A---- C:\WINDOWS\system32\SET335.tmp

2010-09-04 14:18:12 ----A---- C:\WINDOWS\system32\SET2FA.tmp

2010-09-04 14:18:12 ----A---- C:\WINDOWS\system32\SET2F9.tmp

2010-09-04 14:18:08 ----A---- C:\WINDOWS\system32\SET2EF.tmp

2010-09-04 14:18:05 ----A---- C:\WINDOWS\system32\SET2EB.tmp

2010-09-04 14:18:04 ----A---- C:\WINDOWS\system32\SET2EA.tmp

2010-09-04 14:18:03 ----A---- C:\WINDOWS\system32\SET2E9.tmp

2010-09-04 14:17:58 ----A---- C:\WINDOWS\system32\SET2DE.tmp

2010-09-04 14:17:52 ----A---- C:\WINDOWS\system32\SET2C3.tmp

2010-09-04 14:17:51 ----A---- C:\WINDOWS\system32\SET2C0.tmp

2010-09-04 14:17:50 ----A---- C:\WINDOWS\system32\SET2BF.tmp

2010-09-04 14:17:46 ----A---- C:\WINDOWS\system32\SET2AC.tmp

2010-09-04 14:17:45 ----A---- C:\WINDOWS\system32\SET2AB.tmp

2010-09-04 14:17:44 ----A---- C:\WINDOWS\system32\SET2AA.tmp

2010-09-04 14:17:42 ----A---- C:\WINDOWS\system32\SET2A7.tmp

2010-09-04 14:17:41 ----A---- C:\WINDOWS\system32\SET2A6.tmp

2010-09-04 14:17:38 ----A---- C:\WINDOWS\system32\SET29C.tmp

2010-09-04 14:17:37 ----A---- C:\WINDOWS\system32\SET29B.tmp

2010-09-04 14:17:34 ----A---- C:\WINDOWS\system32\SET293.tmp

2010-09-04 14:17:30 ----A---- C:\WINDOWS\system32\SET292.tmp

2010-09-04 14:17:29 ----A---- C:\WINDOWS\system32\SET28F.tmp

2010-09-04 14:17:27 ----A---- C:\WINDOWS\system32\SET28B.tmp

2010-09-04 14:17:25 ----A---- C:\WINDOWS\system32\SET288.tmp

2010-09-04 14:17:21 ----A---- C:\WINDOWS\system32\SET282.tmp

2010-09-04 14:17:09 ----A---- C:\WINDOWS\system32\SET252.tmp

2010-09-04 14:17:08 ----A---- C:\WINDOWS\system32\SET251.tmp

2010-09-04 14:17:07 ----A---- C:\WINDOWS\system32\SET249.tmp

2010-09-04 14:17:06 ----A---- C:\WINDOWS\system32\SET243.tmp

2010-09-04 14:17:05 ----A---- C:\WINDOWS\system32\SET242.tmp

2010-09-04 14:17:03 ----A---- C:\WINDOWS\system32\SET23D.tmp

2010-09-04 14:17:00 ----A---- C:\WINDOWS\system32\SET23A.tmp

2010-09-04 14:16:59 ----A---- C:\WINDOWS\system32\SET237.tmp

2010-09-04 14:16:51 ----A---- C:\WINDOWS\system32\SET223.tmp

2010-09-04 14:16:49 ----A---- C:\WINDOWS\system32\SET21E.tmp

2010-09-04 14:16:47 ----A---- C:\WINDOWS\system32\SET219.tmp

2010-09-04 14:16:46 ----A---- C:\WINDOWS\system32\SET218.tmp

2010-09-04 14:16:42 ----A---- C:\WINDOWS\system32\SET212.tmp

2010-09-04 14:16:40 ----A---- C:\WINDOWS\system32\SET20C.tmp

2010-09-04 14:16:39 ----A---- C:\WINDOWS\system32\SET20B.tmp

2010-09-04 14:16:37 ----A---- C:\WINDOWS\system32\SET207.tmp

2010-09-04 14:16:34 ----A---- C:\WINDOWS\system32\SET201.tmp

2010-09-04 14:16:33 ----A---- C:\WINDOWS\system32\SET200.tmp

2010-09-04 14:16:29 ----A---- C:\WINDOWS\system32\SET1F5.tmp

2010-09-04 14:16:25 ----A---- C:\WINDOWS\system32\SET1E5.tmp

2010-09-04 14:16:24 ----A---- C:\WINDOWS\system32\SET1E4.tmp

2010-09-04 14:16:23 ----A---- C:\WINDOWS\system32\SET1E0.tmp

2010-09-04 14:16:22 ----A---- C:\WINDOWS\system32\SET1DE.tmp

2010-09-04 14:16:21 ----A---- C:\WINDOWS\system32\SET1D8.tmp

2010-09-04 14:16:17 ----A---- C:\WINDOWS\system32\SET1CE.tmp

2010-09-04 14:16:15 ----A---- C:\WINDOWS\system32\SET1C5.tmp

2010-09-04 14:16:14 ----A---- C:\WINDOWS\system32\SET1C3.tmp

2010-09-04 14:16:13 ----A---- C:\WINDOWS\system32\SET1C1.tmp

2010-09-04 14:16:11 ----A---- C:\WINDOWS\system32\SET1BD.tmp

2010-09-04 14:16:07 ----A---- C:\WINDOWS\system32\SET1B7.tmp

2010-09-04 14:16:06 ----A---- C:\WINDOWS\system32\SET1B6.tmp

2010-09-04 14:16:04 ----A---- C:\WINDOWS\system32\SET1AA.tmp

2010-09-04 14:16:02 ----A---- C:\WINDOWS\system32\SET19E.tmp

2010-09-04 14:16:00 ----A---- C:\WINDOWS\system32\SET19C.tmp

2010-09-04 14:15:54 ----A---- C:\WINDOWS\system32\SET191.tmp

2010-09-04 14:15:51 ----A---- C:\WINDOWS\system32\SET18D.tmp

2010-09-04 14:15:50 ----A---- C:\WINDOWS\system32\SET18B.tmp

2010-09-04 14:15:49 ----A---- C:\WINDOWS\system32\SET18A.tmp

2010-09-04 14:15:47 ----A---- C:\WINDOWS\system32\SET186.tmp

2010-09-04 14:15:46 ----A---- C:\WINDOWS\system32\SET185.tmp

2010-09-04 14:15:45 ----A---- C:\WINDOWS\system32\SET182.tmp

2010-09-04 14:15:44 ----A---- C:\WINDOWS\system32\SET181.tmp

2010-09-04 14:15:43 ----A---- C:\WINDOWS\system32\SET17E.tmp

2010-09-04 14:15:41 ----A---- C:\WINDOWS\system32\SET177.tmp

2010-09-04 14:15:41 ----A---- C:\WINDOWS\system32\SET176.tmp

2010-09-04 14:15:35 ----A---- C:\WINDOWS\system32\SET163.tmp

2010-09-04 14:15:20 ----A---- C:\WINDOWS\system32\SET145.tmp

2010-09-04 14:15:18 ----A---- C:\WINDOWS\system32\SET142.tmp

2010-09-04 14:15:17 ----A---- C:\WINDOWS\system32\SET141.tmp

2010-09-04 14:15:12 ----A---- C:\WINDOWS\system32\SET139.tmp

2010-09-04 14:15:10 ----A---- C:\WINDOWS\system32\SET137.tmp

2010-09-04 14:15:09 ----A---- C:\WINDOWS\system32\SET135.tmp

2010-09-04 14:15:07 ----A---- C:\WINDOWS\system32\SET133.tmp

2010-09-04 14:15:05 ----A---- C:\WINDOWS\system32\SET132.tmp

2010-09-04 14:10:04 ----A---- C:\WINDOWS\003272_.tmp

2010-09-04 14:01:29 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll

2010-09-04 14:01:29 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll

2010-09-04 14:01:28 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys

2010-09-04 14:01:28 ----N---- C:\WINDOWS\system32\drivers\agp440.sys

2010-09-04 14:01:28 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll

2010-09-04 14:01:28 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll

2010-09-04 14:01:28 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll

2010-09-04 14:01:28 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll

2010-09-04 14:01:28 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll

2010-09-04 14:01:27 ----N---- C:\WINDOWS\system32\drivers\amdk7.sys

2010-09-04 14:01:27 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys

2010-09-04 14:01:27 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys

2010-09-04 14:01:25 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll

2010-09-04 14:01:25 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll

2010-09-04 14:01:25 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll

2010-09-04 14:01:25 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll

2010-09-04 14:01:24 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys

2010-09-04 14:01:24 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys

2010-09-04 14:01:24 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys

2010-09-04 14:01:24 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys

2010-09-04 14:01:24 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll

2010-09-04 14:01:23 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys

2010-09-04 14:01:23 ----N---- C:\WINDOWS\system32\drivers\gagp30kx.sys

2010-09-04 14:01:23 ----N---- C:\WINDOWS\system32\drivers\fltmgr.sys

2010-09-04 14:01:23 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll

2010-09-04 14:01:23 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys

2010-09-04 14:01:22 ----N---- C:\WINDOWS\system32\drivers\mssmbios.sys

2010-09-04 14:01:22 ----N---- C:\WINDOWS\system32\drivers\ip6fw.sys

2010-09-04 14:01:22 ----N---- C:\WINDOWS\system32\drivers\intelppm.sys

2010-09-04 14:01:22 ----N---- C:\WINDOWS\system32\drivers\hidir.sys

2010-09-04 14:01:21 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys

2010-09-04 14:01:21 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys

2010-09-04 14:01:21 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys

2010-09-04 14:01:20 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys

2010-09-04 14:01:20 ----N---- C:\WINDOWS\system32\drivers\siint5.dll

2010-09-04 14:01:20 ----N---- C:\WINDOWS\system32\drivers\sffp_sd.sys

2010-09-04 14:01:20 ----N---- C:\WINDOWS\system32\drivers\sffdisk.sys

2010-09-04 14:01:20 ----N---- C:\WINDOWS\system32\drivers\sdbus.sys

2010-09-04 14:01:19 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys

2010-09-04 14:01:19 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys

2010-09-04 14:01:19 ----N---- C:\WINDOWS\system32\drivers\tunmp.sys

2010-09-04 14:01:19 ----N---- C:\WINDOWS\system32\drivers\smbali.sys

2010-09-04 14:01:18 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys

2010-09-04 14:01:18 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys

2010-09-04 14:01:18 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll

2010-09-04 14:01:18 ----N---- C:\WINDOWS\system32\drivers\usbvideo.sys

2010-09-04 14:01:18 ----N---- C:\WINDOWS\system32\drivers\usbehci.sys

2010-09-04 14:01:17 ----N---- C:\WINDOWS\system32\xpsp2res.dll

2010-09-04 14:01:17 ----A---- C:\WINDOWS\system32\qmgr.dll

2010-09-04 13:50:15 ----A---- C:\WINDOWS\system32\drivers\http.sys

2010-09-04 13:48:52 ----N---- C:\WINDOWS\system32\drivers\bthport.sys

2010-09-04 13:41:35 ----A---- C:\WINDOWS\system32\advapi32.dll

2010-09-04 13:41:34 ----A---- C:\WINDOWS\system32\cmd.exe

2010-09-04 13:41:34 ----A---- C:\WINDOWS\system32\cacls.exe


2010-09-02 16:44:04 ----A---- C:\WINDOWS\system32\SET18C.tmp

2010-09-02 16:44:03 ----A---- C:\WINDOWS\system32\SET38C.tmp

2010-09-02 16:44:03 ----A---- C:\WINDOWS\system32\SET38A.tmp

2010-09-02 16:44:03 ----A---- C:\WINDOWS\system32\SET206.tmp

2010-09-02 16:44:03 ----A---- C:\WINDOWS\system32\SET205.tmp

2010-09-02 16:44:03 ----A---- C:\WINDOWS\system32\SET190.tmp

2010-09-02 16:44:02 ----A---- C:\WINDOWS\system32\SET38E.tmp

2010-09-02 16:44:02 ----A---- C:\WINDOWS\fonts\SET6B6.tmp

2010-09-02 16:44:02 ----A---- C:\WINDOWS\fonts\SET6B5.tmp

2010-09-02 16:44:02 ----A---- C:\WINDOWS\fonts\SET53D.tmp

2010-09-02 16:44:02 ----A---- C:\WINDOWS\fonts\SET53C.tmp

2010-09-02 16:44:02 ----A---- C:\WINDOWS\fonts\SET461.tmp

2010-09-02 16:44:02 ----A---- C:\WINDOWS\fonts\SET460.tmp

2010-09-02 16:43:59 ----A---- C:\WINDOWS\system32\SET395.tmp

2010-09-02 16:43:59 ----A---- C:\WINDOWS\system32\SET393.tmp

2010-09-02 16:43:59 ----A---- C:\WINDOWS\system32\SET211.tmp

2010-09-02 16:43:59 ----A---- C:\WINDOWS\system32\SET210.tmp

2010-09-02 16:43:59 ----A---- C:\WINDOWS\system32\SET198.tmp

2010-09-02 16:43:59 ----A---- C:\WINDOWS\system32\SET197.tmp

2010-09-02 16:43:58 ----A---- C:\WINDOWS\system32\SET3A1.tmp

2010-09-02 16:43:58 ----A---- C:\WINDOWS\system32\SET3A0.tmp

2010-09-02 16:43:58 ----A---- C:\WINDOWS\system32\SET39A.tmp

2010-09-02 16:43:58 ----A---- C:\WINDOWS\system32\SET213.tmp

2010-09-02 16:43:58 ----A---- C:\WINDOWS\system32\SET19A.tmp

2010-09-02 16:43:58 ----A---- C:\WINDOWS\system32\SET1236.tmp

2010-09-02 16:43:58 ----A---- C:\WINDOWS\system32\SET10BE.tmp

2010-09-02 16:43:57 ----A---- C:\WINDOWS\system32\SET3B0.tmp

2010-09-02 16:43:57 ----A---- C:\WINDOWS\system32\SET3AF.tmp

2010-09-02 16:43:57 ----A---- C:\WINDOWS\system32\SET227.tmp

2010-09-02 16:43:57 ----A---- C:\WINDOWS\system32\SET225.tmp

2010-09-02 16:43:57 ----A---- C:\WINDOWS\system32\SET1A8.tmp

2010-09-02 16:43:57 ----A---- C:\WINDOWS\system32\SET1A7.tmp

2010-09-02 16:43:56 ----A---- C:\WINDOWS\system32\SET3B5.tmp

2010-09-02 16:43:56 ----A---- C:\WINDOWS\system32\SET3B3.tmp

2010-09-02 16:43:56 ----A---- C:\WINDOWS\system32\SET22C.tmp

2010-09-02 16:43:56 ----A---- C:\WINDOWS\system32\SET22A.tmp

2010-09-02 16:43:56 ----A---- C:\WINDOWS\system32\SET1AD.tmp

2010-09-02 16:43:56 ----A---- C:\WINDOWS\system32\SET1AB.tmp

2010-09-02 16:43:55 ----A---- C:\WINDOWS\system32\SET3B9.tmp

2010-09-02 16:43:55 ----A---- C:\WINDOWS\system32\SET3B7.tmp

2010-09-02 16:43:55 ----A---- C:\WINDOWS\system32\SET3B6.tmp

2010-09-02 16:43:55 ----A---- C:\WINDOWS\system32\SET22F.tmp

2010-09-02 16:43:55 ----A---- C:\WINDOWS\system32\SET22E.tmp

2010-09-02 16:43:55 ----A---- C:\WINDOWS\system32\SET22D.tmp

2010-09-02 16:43:55 ----A---- C:\WINDOWS\system32\SET1B0.tmp

2010-09-02 16:43:55 ----A---- C:\WINDOWS\system32\SET1AF.tmp

2010-09-02 16:43:55 ----A---- C:\WINDOWS\system32\SET1AE.tmp

2010-09-02 16:43:53 ----A---- C:\WINDOWS\system32\SET3BA.tmp

2010-09-02 16:43:53 ----A---- C:\WINDOWS\system32\SET230.tmp

2010-09-02 16:43:53 ----A---- C:\WINDOWS\system32\SET1B1.tmp

2010-09-02 16:43:52 ----A---- C:\WINDOWS\system32\SET3BB.tmp

2010-09-02 16:43:52 ----A---- C:\WINDOWS\system32\SET231.tmp

2010-09-02 16:43:52 ----A---- C:\WINDOWS\system32\SET1B2.tmp

2010-09-02 16:43:46 ----A---- C:\WINDOWS\system32\SET3E8.tmp

2010-09-02 16:43:46 ----A---- C:\WINDOWS\system32\SET3DA.tmp

2010-09-02 16:43:46 ----A---- C:\WINDOWS\system32\SET257.tmp

2010-09-02 16:43:46 ----A---- C:\WINDOWS\system32\SET24D.tmp

2010-09-02 16:43:46 ----A---- C:\WINDOWS\system32\SET1C7.tmp

2010-09-02 16:43:46 ----A---- C:\WINDOWS\system32\SET1C2.tmp

2010-09-02 16:43:45 ----A---- C:\WINDOWS\system32\SET3EF.tmp

2010-09-02 16:43:45 ----A---- C:\WINDOWS\system32\SET3ED.tmp

2010-09-02 16:43:45 ----A---- C:\WINDOWS\system32\SET3EC.tmp

2010-09-02 16:43:45 ----A---- C:\WINDOWS\system32\SET25E.tmp

2010-09-02 16:43:45 ----A---- C:\WINDOWS\system32\SET259.tmp

2010-09-02 16:43:45 ----A---- C:\WINDOWS\system32\SET1CB.tmp

2010-09-02 16:43:45 ----A---- C:\WINDOWS\system32\SET1C9.tmp

2010-09-02 16:43:43 ----A---- C:\WINDOWS\system32\SET3F0.tmp

2010-09-02 16:43:43 ----A---- C:\WINDOWS\system32\SET25F.tmp

2010-09-02 16:43:43 ----A---- C:\WINDOWS\system32\SET1CC.tmp

2010-09-02 16:43:42 ----N---- C:\WINDOWS\system32\setupn.exe

2010-09-02 16:43:42 ----N---- C:\WINDOWS\system32\drivers\sffp_mmc.sys

2010-09-02 16:43:42 ----A---- C:\WINDOWS\system32\SET3F6.tmp

2010-09-02 16:43:42 ----A---- C:\WINDOWS\system32\SET3F5.tmp

2010-09-02 16:43:42 ----A---- C:\WINDOWS\system32\SET3F2.tmp

2010-09-02 16:43:42 ----A---- C:\WINDOWS\system32\SET3F1.tmp

2010-09-02 16:43:42 ----A---- C:\WINDOWS\system32\SET268.tmp

2010-09-02 16:43:42 ----A---- C:\WINDOWS\system32\SET267.tmp

2010-09-02 16:43:42 ----A---- C:\WINDOWS\system32\SET261.tmp

2010-09-02 16:43:42 ----A---- C:\WINDOWS\system32\SET260.tmp

2010-09-02 16:43:42 ----A---- C:\WINDOWS\system32\SET1D1.tmp

2010-09-02 16:43:42 ----A---- C:\WINDOWS\system32\SET1D0.tmp

2010-09-02 16:43:42 ----A---- C:\WINDOWS\system32\SET1CD.tmp

2010-09-02 16:43:41 ----A---- C:\WINDOWS\system32\SET400.tmp

2010-09-02 16:43:41 ----A---- C:\WINDOWS\system32\SET3FC.tmp

2010-09-02 16:43:41 ----A---- C:\WINDOWS\system32\SET3FB.tmp

2010-09-02 16:43:41 ----A---- C:\WINDOWS\system32\SET274.tmp

2010-09-02 16:43:41 ----A---- C:\WINDOWS\system32\SET271.tmp

2010-09-02 16:43:41 ----A---- C:\WINDOWS\system32\SET26F.tmp

2010-09-02 16:43:41 ----A---- C:\WINDOWS\system32\SET1D9.tmp

2010-09-02 16:43:41 ----A---- C:\WINDOWS\system32\SET1D6.tmp

2010-09-02 16:43:41 ----A---- C:\WINDOWS\system32\SET1D5.tmp

2010-09-02 16:43:40 ----A---- C:\WINDOWS\system32\SET404.tmp

2010-09-02 16:43:40 ----A---- C:\WINDOWS\system32\SET401.tmp

2010-09-02 16:43:40 ----A---- C:\WINDOWS\system32\SET278.tmp

2010-09-02 16:43:40 ----A---- C:\WINDOWS\system32\SET275.tmp

2010-09-02 16:43:40 ----A---- C:\WINDOWS\system32\SET1DB.tmp

2010-09-02 16:43:40 ----A---- C:\WINDOWS\system32\SET1DA.tmp

2010-09-02 16:43:39 ----A---- C:\WINDOWS\system32\SET411.tmp

2010-09-02 16:43:39 ----A---- C:\WINDOWS\system32\SET27F.tmp

2010-09-02 16:43:39 ----A---- C:\WINDOWS\system32\SET1E1.tmp

2010-09-02 16:43:38 ----A---- C:\WINDOWS\system32\SET416.tmp

2010-09-02 16:43:38 ----A---- C:\WINDOWS\system32\SET413.tmp

2010-09-02 16:43:38 ----A---- C:\WINDOWS\system32\SET281.tmp

2010-09-02 16:43:38 ----A---- C:\WINDOWS\system32\SET280.tmp

2010-09-02 16:43:38 ----A---- C:\WINDOWS\system32\SET1E3.tmp

2010-09-02 16:43:38 ----A---- C:\WINDOWS\system32\SET1E2.tmp

2010-09-02 16:43:35 ----A---- C:\WINDOWS\system32\SET421.tmp

2010-09-02 16:43:35 ----A---- C:\WINDOWS\system32\SET28A.tmp

2010-09-02 16:43:35 ----A---- C:\WINDOWS\system32\SET1EB.tmp

2010-09-02 16:43:34 ----A---- C:\WINDOWS\system32\SET42F.tmp

2010-09-02 16:43:34 ----A---- C:\WINDOWS\system32\SET42D.tmp

2010-09-02 16:43:34 ----A---- C:\WINDOWS\system32\SET42A.tmp

2010-09-02 16:43:34 ----A---- C:\WINDOWS\system32\SET296.tmp

2010-09-02 16:43:34 ----A---- C:\WINDOWS\system32\SET295.tmp

2010-09-02 16:43:34 ----A---- C:\WINDOWS\system32\SET294.tmp

2010-09-02 16:43:34 ----A---- C:\WINDOWS\system32\SET1F3.tmp

2010-09-02 16:43:34 ----A---- C:\WINDOWS\system32\SET1F2.tmp

2010-09-02 16:43:34 ----A---- C:\WINDOWS\system32\SET1F1.tmp

2010-09-02 16:43:33 ----A---- C:\WINDOWS\system32\SET431.tmp

2010-09-02 16:43:33 ----A---- C:\WINDOWS\system32\SET297.tmp

2010-09-02 16:43:33 ----A---- C:\WINDOWS\system32\SET1F4.tmp

2010-09-02 16:43:32 ----N---- C:\WINDOWS\system32\rhttpaa.dll

2010-09-02 16:43:32 ----A---- C:\WINDOWS\system32\SET433.tmp

2010-09-02 16:43:32 ----A---- C:\WINDOWS\system32\SET299.tmp

2010-09-02 16:43:32 ----A---- C:\WINDOWS\system32\SET1F6.tmp

2010-09-02 16:43:31 ----A---- C:\WINDOWS\system32\SET43C.tmp

2010-09-02 16:43:31 ----A---- C:\WINDOWS\system32\SET43B.tmp

2010-09-02 16:43:31 ----A---- C:\WINDOWS\system32\SET2A0.tmp

2010-09-02 16:43:31 ----A---- C:\WINDOWS\system32\SET29F.tmp

2010-09-02 16:43:31 ----A---- C:\WINDOWS\system32\SET1FC.tmp

2010-09-02 16:43:31 ----A---- C:\WINDOWS\system32\SET1FB.tmp

2010-09-02 16:43:30 ----A---- C:\WINDOWS\system32\SET44B.tmp

2010-09-02 16:43:30 ----A---- C:\WINDOWS\system32\SET2AF.tmp

2010-09-02 16:43:30 ----A---- C:\WINDOWS\system32\SET208.tmp

2010-09-02 16:43:29 ----N---- C:\WINDOWS\system32\rasqec.dll

2010-09-02 16:43:29 ----A---- C:\WINDOWS\system32\SET450.tmp

2010-09-02 16:43:29 ----A---- C:\WINDOWS\system32\SET44D.tmp

2010-09-02 16:43:29 ----A---- C:\WINDOWS\system32\SET2BA.tmp

2010-09-02 16:43:29 ----A---- C:\WINDOWS\system32\SET2B6.tmp

2010-09-02 16:43:28 ----N---- C:\WINDOWS\system32\qutil.dll

2010-09-02 16:43:28 ----A---- C:\WINDOWS\system32\SET455.tmp

2010-09-02 16:43:28 ----A---- C:\WINDOWS\system32\SET454.tmp

2010-09-02 16:43:28 ----A---- C:\WINDOWS\system32\SET2BC.tmp

2010-09-02 16:43:28 ----A---- C:\WINDOWS\system32\SET2BB.tmp

2010-09-02 16:43:28 ----A---- C:\WINDOWS\system32\SET20E.tmp

2010-09-02 16:43:28 ----A---- C:\WINDOWS\system32\SET20D.tmp

2010-09-02 16:43:24 ----N---- C:\WINDOWS\system32\qcliprov.dll

2010-09-02 16:43:23 ----N---- C:\WINDOWS\system32\qagentrt.dll

2010-09-02 16:43:23 ----N---- C:\WINDOWS\system32\qagent.dll

2010-09-02 16:43:22 ----A---- C:\WINDOWS\system32\SET469.tmp

2010-09-02 16:43:22 ----A---- C:\WINDOWS\system32\SET466.tmp

2010-09-02 16:43:22 ----A---- C:\WINDOWS\system32\SET465.tmp

2010-09-02 16:43:22 ----A---- C:\WINDOWS\system32\SET462.tmp

2010-09-02 16:43:22 ----A---- C:\WINDOWS\system32\SET2D5.tmp

2010-09-02 16:43:22 ----A---- C:\WINDOWS\system32\SET2CE.tmp

2010-09-02 16:43:22 ----A---- C:\WINDOWS\system32\SET2CC.tmp

2010-09-02 16:43:22 ----A---- C:\WINDOWS\system32\SET2CA.tmp

2010-09-02 16:43:22 ----A---- C:\WINDOWS\system32\SET220.tmp

2010-09-02 16:43:22 ----A---- C:\WINDOWS\system32\SET21D.tmp

2010-09-02 16:43:22 ----A---- C:\WINDOWS\system32\SET21C.tmp

2010-09-02 16:43:22 ----A---- C:\WINDOWS\system32\SET21A.tmp

2010-09-02 16:43:21 ----N---- C:\WINDOWS\system32\photometadatahandler.dll

2010-09-02 16:43:21 ----A---- C:\WINDOWS\system32\SET46C.tmp

2010-09-02 16:43:21 ----A---- C:\WINDOWS\system32\SET2D7.tmp

2010-09-02 16:43:21 ----A---- C:\WINDOWS\system32\SET222.tmp

2010-09-02 16:43:20 ----A---- C:\WINDOWS\system32\SET46F.tmp

2010-09-02 16:43:20 ----A---- C:\WINDOWS\system32\SET2DD.tmp

2010-09-02 16:43:20 ----A---- C:\WINDOWS\system32\SET226.tmp

2010-09-02 16:43:18 ----A---- C:\WINDOWS\system32\SET478.tmp

2010-09-02 16:43:18 ----A---- C:\WINDOWS\system32\SET2E7.tmp

2010-09-02 16:43:12 ----N---- C:\WINDOWS\system32\onex.dll

2010-09-02 16:43:12 ----A---- C:\WINDOWS\system32\SET47F.tmp

2010-09-02 16:43:11 ----A---- C:\WINDOWS\system32\SET484.tmp

2010-09-02 16:43:11 ----A---- C:\WINDOWS\system32\SET2F1.tmp

2010-09-02 16:43:11 ----A---- C:\WINDOWS\system32\SET238.tmp

2010-09-02 16:43:10 ----A---- C:\WINDOWS\system32\SET485.tmp

2010-09-02 16:43:10 ----A---- C:\WINDOWS\system32\SET2F4.tmp

2010-09-02 16:43:10 ----A---- C:\WINDOWS\system32\SET239.tmp

2010-09-02 16:43:07 ----A---- C:\WINDOWS\system32\SET493.tmp

2010-09-02 16:43:07 ----A---- C:\WINDOWS\system32\SET492.tmp

2010-09-02 16:43:07 ----A---- C:\WINDOWS\system32\SET491.tmp

2010-09-02 16:43:07 ----A---- C:\WINDOWS\system32\SET490.tmp

2010-09-02 16:43:07 ----A---- C:\WINDOWS\system32\SET48D.tmp

2010-09-02 16:43:07 ----A---- C:\WINDOWS\system32\SET48C.tmp

2010-09-02 16:43:07 ----A---- C:\WINDOWS\system32\SET305.tmp

2010-09-02 16:43:07 ----A---- C:\WINDOWS\system32\SET304.tmp

2010-09-02 16:43:07 ----A---- C:\WINDOWS\system32\SET302.tmp

2010-09-02 16:43:07 ----A---- C:\WINDOWS\system32\SET301.tmp

2010-09-02 16:43:07 ----A---- C:\WINDOWS\system32\SET2FD.tmp

2010-09-02 16:43:07 ----A---- C:\WINDOWS\system32\SET2FC.tmp

2010-09-02 16:43:07 ----A---- C:\WINDOWS\system32\SET247.tmp

2010-09-02 16:43:07 ----A---- C:\WINDOWS\system32\SET246.tmp

2010-09-02 16:43:07 ----A---- C:\WINDOWS\system32\SET245.tmp

2010-09-02 16:43:07 ----A---- C:\WINDOWS\system32\SET244.tmp

2010-09-02 16:43:07 ----A---- C:\WINDOWS\system32\SET241.tmp

2010-09-02 16:43:07 ----A---- C:\WINDOWS\system32\SET240.tmp

2010-09-02 16:43:06 ----A---- C:\WINDOWS\system32\SET49C.tmp

2010-09-02 16:43:06 ----A---- C:\WINDOWS\system32\SET49B.tmp

2010-09-02 16:43:06 ----A---- C:\WINDOWS\system32\SET49A.tmp

2010-09-02 16:43:06 ----A---- C:\WINDOWS\system32\SET498.tmp

2010-09-02 16:43:06 ----A---- C:\WINDOWS\system32\SET497.tmp

2010-09-02 16:43:06 ----A---- C:\WINDOWS\system32\SET496.tmp

2010-09-02 16:43:06 ----A---- C:\WINDOWS\system32\SET494.tmp

2010-09-02 16:43:06 ----A---- C:\WINDOWS\system32\SET30F.tmp

2010-09-02 16:43:06 ----A---- C:\WINDOWS\system32\SET30E.tmp

2010-09-02 16:43:06 ----A---- C:\WINDOWS\system32\SET30D.tmp

2010-09-02 16:43:06 ----A---- C:\WINDOWS\system32\SET30B.tmp

2010-09-02 16:43:06 ----A---- C:\WINDOWS\system32\SET30A.tmp

2010-09-02 16:43:06 ----A---- C:\WINDOWS\system32\SET309.tmp

2010-09-02 16:43:06 ----A---- C:\WINDOWS\system32\SET306.tmp

2010-09-02 16:43:06 ----A---- C:\WINDOWS\system32\SET250.tmp

2010-09-02 16:43:06 ----A---- C:\WINDOWS\system32\SET24F.tmp

2010-09-02 16:43:06 ----A---- C:\WINDOWS\system32\SET24E.tmp

2010-09-02 16:43:06 ----A---- C:\WINDOWS\system32\SET24C.tmp

2010-09-02 16:43:06 ----A---- C:\WINDOWS\system32\SET24B.tmp

2010-09-02 16:43:06 ----A---- C:\WINDOWS\system32\SET24A.tmp

2010-09-02 16:43:06 ----A---- C:\WINDOWS\system32\SET248.tmp

2010-09-02 16:43:04 ----A---- C:\WINDOWS\system32\SET49E.tmp

2010-09-02 16:43:04 ----A---- C:\WINDOWS\system32\SET312.tmp

2010-09-02 16:43:04 ----A---- C:\WINDOWS\system32\SET253.tmp

2010-09-02 16:42:57 ----A---- C:\WINDOWS\system32\SET4A1.tmp

2010-09-02 16:42:57 ----A---- C:\WINDOWS\system32\SET315.tmp

2010-09-02 16:42:57 ----A---- C:\WINDOWS\system32\SET256.tmp

2010-09-02 16:42:54 ----A---- C:\WINDOWS\system32\SET4A9.tmp

2010-09-02 16:42:54 ----A---- C:\WINDOWS\system32\SET4A7.tmp

2010-09-02 16:42:54 ----A---- C:\WINDOWS\system32\SET31B.tmp

2010-09-02 16:42:54 ----A---- C:\WINDOWS\system32\SET31A.tmp

2010-09-02 16:42:54 ----A---- C:\WINDOWS\system32\SET25C.tmp

2010-09-02 16:42:54 ----A---- C:\WINDOWS\system32\SET25B.tmp

2010-09-02 16:42:49 ----A---- C:\WINDOWS\system32\SET4AB.tmp

2010-09-02 16:42:49 ----A---- C:\WINDOWS\system32\SET31C.tmp

2010-09-02 16:42:49 ----A---- C:\WINDOWS\system32\SET25D.tmp

2010-09-02 16:42:43 ----A---- C:\WINDOWS\system32\SET4B4.tmp

2010-09-02 16:42:43 ----A---- C:\WINDOWS\system32\SET4B0.tmp

2010-09-02 16:42:43 ----A---- C:\WINDOWS\system32\SET322.tmp

2010-09-02 16:42:43 ----A---- C:\WINDOWS\system32\SET321.tmp

2010-09-02 16:42:43 ----A---- C:\WINDOWS\system32\SET263.tmp

2010-09-02 16:42:43 ----A---- C:\WINDOWS\system32\SET262.tmp

2010-09-02 16:42:42 ----A---- C:\WINDOWS\system32\SET4C4.tmp

2010-09-02 16:42:42 ----A---- C:\WINDOWS\system32\SET4BF.tmp

2010-09-02 16:42:42 ----A---- C:\WINDOWS\system32\SET4B9.tmp

2010-09-02 16:42:42 ----A---- C:\WINDOWS\system32\SET32B.tmp

2010-09-02 16:42:42 ----A---- C:\WINDOWS\system32\SET326.tmp

2010-09-02 16:42:42 ----A---- C:\WINDOWS\system32\SET324.tmp

2010-09-02 16:42:42 ----A---- C:\WINDOWS\system32\SET269.tmp

2010-09-02 16:42:42 ----A---- C:\WINDOWS\system32\SET266.tmp

2010-09-02 16:42:42 ----A---- C:\WINDOWS\system32\SET264.tmp

2010-09-02 16:42:41 ----A---- C:\WINDOWS\system32\SET4CC.tmp

2010-09-02 16:42:41 ----A---- C:\WINDOWS\system32\SET4C7.tmp

2010-09-02 16:42:41 ----A---- C:\WINDOWS\system32\SET4C6.tmp

2010-09-02 16:42:41 ----A---- C:\WINDOWS\system32\SET331.tmp

2010-09-02 16:42:41 ----A---- C:\WINDOWS\system32\SET32E.tmp

2010-09-02 16:42:41 ----A---- C:\WINDOWS\system32\SET32D.tmp

2010-09-02 16:42:41 ----A---- C:\WINDOWS\system32\SET26C.tmp

2010-09-02 16:42:41 ----A---- C:\WINDOWS\system32\SET26B.tmp

2010-09-02 16:42:40 ----A---- C:\WINDOWS\system32\SET4D0.tmp

2010-09-02 16:42:40 ----A---- C:\WINDOWS\system32\SET4CD.tmp

2010-09-02 16:42:40 ----A---- C:\WINDOWS\system32\SET336.tmp

2010-09-02 16:42:40 ----A---- C:\WINDOWS\system32\SET333.tmp

2010-09-02 16:42:40 ----A---- C:\WINDOWS\system32\SET270.tmp

2010-09-02 16:42:39 ----N---- C:\WINDOWS\system32\napstat.exe

2010-09-02 16:42:39 ----N---- C:\WINDOWS\system32\napmontr.dll

2010-09-02 16:42:39 ----N---- C:\WINDOWS\system32\napipsec.dll

2010-09-02 16:42:39 ----A---- C:\WINDOWS\system32\SET4D7.tmp

2010-09-02 16:42:39 ----A---- C:\WINDOWS\system32\SET4D5.tmp

2010-09-02 16:42:39 ----A---- C:\WINDOWS\system32\SET4D4.tmp

2010-09-02 16:42:39 ----A---- C:\WINDOWS\system32\SET33D.tmp

2010-09-02 16:42:39 ----A---- C:\WINDOWS\system32\SET33B.tmp

2010-09-02 16:42:39 ----A---- C:\WINDOWS\system32\SET33A.tmp

2010-09-02 16:42:39 ----A---- C:\WINDOWS\system32\SET277.tmp

2010-09-02 16:42:39 ----A---- C:\WINDOWS\system32\SET276.tmp

2010-09-02 16:42:36 ----A---- C:\WINDOWS\system32\SET4DD.tmp

2010-09-02 16:42:36 ----A---- C:\WINDOWS\system32\SET342.tmp

2010-09-02 16:42:36 ----A---- C:\WINDOWS\system32\SET27E.tmp

2010-09-02 16:42:35 ----N---- C:\WINDOWS\system32\msxml6r.dll

2010-09-02 16:42:35 ----N---- C:\WINDOWS\system32\msxml6.dll

2010-09-02 16:42:33 ----A---- C:\WINDOWS\system32\SET4E5.tmp

2010-09-02 16:42:33 ----A---- C:\WINDOWS\system32\SET348.tmp

2010-09-02 16:42:33 ----A---- C:\WINDOWS\system32\SET284.tmp

2010-09-02 16:42:31 ----A---- C:\WINDOWS\system32\SET4F9.tmp

2010-09-02 16:42:31 ----A---- C:\WINDOWS\system32\SET4F4.tmp

2010-09-02 16:42:31 ----A---- C:\WINDOWS\system32\SET4F1.tmp

2010-09-02 16:42:31 ----A---- C:\WINDOWS\system32\SET356.tmp

2010-09-02 16:42:31 ----A---- C:\WINDOWS\system32\SET352.tmp

2010-09-02 16:42:31 ----A---- C:\WINDOWS\system32\SET351.tmp

2010-09-02 16:42:31 ----A---- C:\WINDOWS\system32\SET290.tmp

2010-09-02 16:42:31 ----A---- C:\WINDOWS\system32\SET28D.tmp

2010-09-02 16:42:31 ----A---- C:\WINDOWS\system32\SET28C.tmp

2010-09-02 16:42:30 ----A---- C:\WINDOWS\system32\SET4FA.tmp

2010-09-02 16:42:30 ----A---- C:\WINDOWS\system32\SET357.tmp

2010-09-02 16:42:30 ----A---- C:\WINDOWS\system32\SET291.tmp

2010-09-02 16:42:29 ----N---- C:\WINDOWS\system32\msshavmsg.dll

2010-09-02 16:42:29 ----N---- C:\WINDOWS\system32\mssha.dll

2010-09-02 16:42:27 ----A---- C:\WINDOWS\system32\SET50D.tmp

2010-09-02 16:42:27 ----A---- C:\WINDOWS\system32\SET507.tmp

2010-09-02 16:42:27 ----A---- C:\WINDOWS\system32\SET367.tmp

2010-09-02 16:42:27 ----A---- C:\WINDOWS\system32\SET364.tmp

2010-09-02 16:42:27 ----A---- C:\WINDOWS\system32\SET2A1.tmp

2010-09-02 16:42:27 ----A---- C:\WINDOWS\system32\SET29E.tmp

2010-09-02 16:42:26 ----A---- C:\WINDOWS\system32\SET510.tmp

2010-09-02 16:42:26 ----A---- C:\WINDOWS\system32\SET50F.tmp

2010-09-02 16:42:26 ----A---- C:\WINDOWS\system32\SET36A.tmp

2010-09-02 16:42:26 ----A---- C:\WINDOWS\system32\SET369.tmp

2010-09-02 16:42:26 ----A---- C:\WINDOWS\system32\SET2A4.tmp

2010-09-02 16:42:26 ----A---- C:\WINDOWS\system32\SET2A3.tmp

2010-09-02 16:42:15 ----A---- C:\WINDOWS\system32\SET51C.tmp

2010-09-02 16:42:15 ----A---- C:\WINDOWS\system32\SET37A.tmp

2010-09-02 16:42:15 ----A---- C:\WINDOWS\system32\SET2B0.tmp

2010-09-02 16:42:14 ----A---- C:\WINDOWS\system32\SET51F.tmp

2010-09-02 16:42:14 ----A---- C:\WINDOWS\system32\SET51E.tmp

2010-09-02 16:42:14 ----A---- C:\WINDOWS\system32\SET51D.tmp

2010-09-02 16:42:14 ----A---- C:\WINDOWS\system32\SET37D.tmp

2010-09-02 16:42:14 ----A---- C:\WINDOWS\system32\SET37C.tmp

2010-09-02 16:42:14 ----A---- C:\WINDOWS\system32\SET2B3.tmp

2010-09-02 16:42:14 ----A---- C:\WINDOWS\system32\SET2B2.tmp

2010-09-02 16:42:13 ----A---- C:\WINDOWS\system32\SET525.tmp

2010-09-02 16:42:13 ----A---- C:\WINDOWS\system32\SET523.tmp

2010-09-02 16:42:13 ----A---- C:\WINDOWS\system32\SET521.tmp

2010-09-02 16:42:13 ----A---- C:\WINDOWS\system32\SET520.tmp

2010-09-02 16:42:13 ----A---- C:\WINDOWS\system32\SET384.tmp

2010-09-02 16:42:13 ----A---- C:\WINDOWS\system32\SET382.tmp

2010-09-02 16:42:13 ----A---- C:\WINDOWS\system32\SET37F.tmp

2010-09-02 16:42:13 ----A---- C:\WINDOWS\system32\SET37E.tmp

2010-09-02 16:42:13 ----A---- C:\WINDOWS\system32\SET2BD.tmp

2010-09-02 16:42:13 ----A---- C:\WINDOWS\system32\SET2B9.tmp

2010-09-02 16:42:13 ----A---- C:\WINDOWS\system32\SET2B7.tmp

2010-09-02 16:42:13 ----A---- C:\WINDOWS\system32\SET2B5.tmp

2010-09-02 16:42:13 ----A---- C:\WINDOWS\system32\SET2B4.tmp

2010-09-02 16:42:12 ----A---- C:\WINDOWS\system32\SET528.tmp

2010-09-02 16:42:12 ----A---- C:\WINDOWS\system32\SET387.tmp

2010-09-02 16:42:12 ----A---- C:\WINDOWS\system32\SET2C1.tmp

2010-09-02 16:42:11 ----A---- C:\WINDOWS\system32\SET538.tmp

2010-09-02 16:42:11 ----A---- C:\WINDOWS\system32\SET537.tmp

2010-09-02 16:42:11 ----A---- C:\WINDOWS\system32\SET536.tmp

2010-09-02 16:42:11 ----A---- C:\WINDOWS\system32\SET534.tmp

2010-09-02 16:42:11 ----A---- C:\WINDOWS\system32\SET398.tmp

2010-09-02 16:42:11 ----A---- C:\WINDOWS\system32\SET397.tmp

2010-09-02 16:42:11 ----A---- C:\WINDOWS\system32\SET396.tmp

2010-09-02 16:42:11 ----A---- C:\WINDOWS\system32\SET394.tmp

2010-09-02 16:42:11 ----A---- C:\WINDOWS\system32\SET2D1.tmp

2010-09-02 16:42:11 ----A---- C:\WINDOWS\system32\SET2D0.tmp

2010-09-02 16:42:11 ----A---- C:\WINDOWS\system32\SET2CF.tmp

2010-09-02 16:42:11 ----A---- C:\WINDOWS\system32\SET2CD.tmp

2010-09-02 16:42:11 ----A---- C:\WINDOWS\system32\SET125E.tmp

2010-09-02 16:42:11 ----A---- C:\WINDOWS\system32\SET10E6.tmp

2010-09-02 16:42:10 ----A---- C:\WINDOWS\system32\SET540.tmp

2010-09-02 16:42:10 ----A---- C:\WINDOWS\system32\SET53B.tmp

2010-09-02 16:42:10 ----A---- C:\WINDOWS\system32\SET53A.tmp

2010-09-02 16:42:10 ----A---- C:\WINDOWS\system32\SET3A2.tmp

2010-09-02 16:42:10 ----A---- C:\WINDOWS\system32\SET39B.tmp

2010-09-02 16:42:10 ----A---- C:\WINDOWS\system32\SET2D9.tmp

2010-09-02 16:42:10 ----A---- C:\WINDOWS\system32\SET2D4.tmp

2010-09-02 16:42:09 ----A---- C:\WINDOWS\system32\SET543.tmp

2010-09-02 16:42:09 ----A---- C:\WINDOWS\system32\SET542.tmp

2010-09-02 16:42:09 ----A---- C:\WINDOWS\system32\SET3A6.tmp

2010-09-02 16:42:09 ----A---- C:\WINDOWS\system32\SET3A5.tmp

2010-09-02 16:42:09 ----A---- C:\WINDOWS\system32\SET2DC.tmp

2010-09-02 16:42:09 ----A---- C:\WINDOWS\system32\SET2DB.tmp

2010-09-02 16:42:08 ----A---- C:\WINDOWS\system32\SET54A.tmp

2010-09-02 16:42:08 ----A---- C:\WINDOWS\system32\SET3AD.tmp

2010-09-02 16:42:08 ----A---- C:\WINDOWS\system32\SET2E3.tmp

2010-09-02 16:42:07 ----N---- C:\WINDOWS\system32\mmcperf.exe

2010-09-02 16:42:07 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll

2010-09-02 16:42:07 ----N---- C:\WINDOWS\system32\mmcex.dll

2010-09-02 16:42:07 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll

2010-09-02 16:42:07 ----A---- C:\WINDOWS\system32\SET555.tmp

2010-09-02 16:42:07 ----A---- C:\WINDOWS\system32\SET3B8.tmp

2010-09-02 16:42:07 ----A---- C:\WINDOWS\system32\SET2EE.tmp

2010-09-02 16:42:06 ----A---- C:\WINDOWS\system32\SET55A.tmp

2010-09-02 16:42:06 ----A---- C:\WINDOWS\system32\SET559.tmp

2010-09-02 16:42:06 ----A---- C:\WINDOWS\system32\SET3BD.tmp

2010-09-02 16:42:06 ----A---- C:\WINDOWS\system32\SET3BC.tmp

2010-09-02 16:42:06 ----A---- C:\WINDOWS\system32\SET2F3.tmp

2010-09-02 16:42:06 ----A---- C:\WINDOWS\system32\SET2F2.tmp

2010-09-02 16:42:06 ----A---- C:\WINDOWS\fonts\SET6B7.tmp

2010-09-02 16:42:06 ----A---- C:\WINDOWS\fonts\SET53E.tmp

2010-09-02 16:42:06 ----A---- C:\WINDOWS\fonts\SET462.tmp

2010-09-02 16:42:05 ----A---- C:\WINDOWS\system32\SET566.tmp

2010-09-02 16:42:05 ----A---- C:\WINDOWS\system32\SET55E.tmp

2010-09-02 16:42:05 ----A---- C:\WINDOWS\system32\SET3D0.tmp

2010-09-02 16:42:05 ----A---- C:\WINDOWS\system32\SET3CC.tmp

2010-09-02 16:42:05 ----A---- C:\WINDOWS\system32\SET3C1.tmp

2010-09-02 16:42:05 ----A---- C:\WINDOWS\system32\SET303.tmp

2010-09-02 16:42:05 ----A---- C:\WINDOWS\system32\SET2FF.tmp

2010-09-02 16:42:05 ----A---- C:\WINDOWS\system32\SET2F7.tmp

2010-09-02 16:42:04 ----A---- C:\WINDOWS\system32\SET570.tmp

2010-09-02 16:42:04 ----A---- C:\WINDOWS\system32\SET56E.tmp

2010-09-02 16:42:04 ----A---- C:\WINDOWS\system32\SET3E1.tmp

2010-09-02 16:42:04 ----A---- C:\WINDOWS\system32\SET3DC.tmp

2010-09-02 16:42:04 ----A---- C:\WINDOWS\system32\SET307.tmp

2010-09-02 16:42:00 ----N---- C:\WINDOWS\system32\l2gpstore.dll

2010-09-02 16:42:00 ----N---- C:\WINDOWS\system32\kmsvc.dll

2010-09-02 16:42:00 ----A---- C:\WINDOWS\system32\SET576.tmp

2010-09-02 16:42:00 ----A---- C:\WINDOWS\system32\SET574.tmp

2010-09-02 16:42:00 ----A---- C:\WINDOWS\system32\SET3E9.tmp

2010-09-02 16:42:00 ----A---- C:\WINDOWS\system32\SET3E7.tmp

2010-09-02 16:42:00 ----A---- C:\WINDOWS\system32\SET310.tmp

2010-09-02 16:41:59 ----N---- C:\WINDOWS\system32\kbdpash.dll

2010-09-02 16:41:59 ----N---- C:\WINDOWS\system32\kbdnepr.dll

2010-09-02 16:41:59 ----N---- C:\WINDOWS\system32\kbdiultn.dll

2010-09-02 16:41:59 ----N---- C:\WINDOWS\system32\kbdbhc.dll

2010-09-02 16:41:57 ----A---- C:\WINDOWS\system32\SET58F.tmp

2010-09-02 16:41:57 ----A---- C:\WINDOWS\system32\SET58D.tmp

2010-09-02 16:41:57 ----A---- C:\WINDOWS\system32\SET58B.tmp

2010-09-02 16:41:57 ----A---- C:\WINDOWS\system32\SET587.tmp

2010-09-02 16:41:57 ----A---- C:\WINDOWS\system32\SET409.tmp

2010-09-02 16:41:57 ----A---- C:\WINDOWS\system32\SET405.tmp

2010-09-02 16:41:57 ----A---- C:\WINDOWS\system32\SET402.tmp

2010-09-02 16:41:57 ----A---- C:\WINDOWS\system32\SET3FE.tmp

2010-09-02 16:41:57 ----A---- C:\WINDOWS\system32\SET329.tmp

2010-09-02 16:41:57 ----A---- C:\WINDOWS\system32\SET327.tmp

2010-09-02 16:41:57 ----A---- C:\WINDOWS\system32\SET323.tmp

2010-09-02 16:41:51 ----N---- C:\WINDOWS\system32\smtpapi.dll

2010-09-02 16:41:51 ----N---- C:\WINDOWS\system32\rwnh.dll

2010-09-02 16:41:48 ----A---- C:\WINDOWS\system32\SET599.tmp

2010-09-02 16:41:48 ----A---- C:\WINDOWS\system32\SET595.tmp

2010-09-02 16:41:48 ----A---- C:\WINDOWS\system32\SET418.tmp

2010-09-02 16:41:48 ----A---- C:\WINDOWS\system32\SET412.tmp

2010-09-02 16:41:48 ----A---- C:\WINDOWS\system32\SET337.tmp

2010-09-02 16:41:48 ----A---- C:\WINDOWS\system32\SET332.tmp

2010-09-02 16:41:48 ----A---- C:\WINDOWS\fonts\SET6B8.tmp

2010-09-02 16:41:48 ----A---- C:\WINDOWS\fonts\SET53F.tmp

2010-09-02 16:41:48 ----A---- C:\WINDOWS\fonts\SET463.tmp

2010-09-02 16:41:47 ----N---- C:\WINDOWS\system32\ieencode.dll

2010-09-02 16:41:46 ----A---- C:\WINDOWS\system32\SET5A7.tmp

2010-09-02 16:41:46 ----A---- C:\WINDOWS\system32\SET5A5.tmp

2010-09-02 16:41:46 ----A---- C:\WINDOWS\system32\SET42C.tmp

2010-09-02 16:41:46 ----A---- C:\WINDOWS\system32\SET34D.tmp

2010-09-02 16:41:46 ----A---- C:\WINDOWS\system32\SET1283.tmp

2010-09-02 16:41:46 ----A---- C:\WINDOWS\system32\SET110B.tmp

2010-09-02 16:41:45 ----A---- C:\WINDOWS\system32\SET5B6.tmp

2010-09-02 16:41:45 ----A---- C:\WINDOWS\system32\SET5B0.tmp

2010-09-02 16:41:45 ----A---- C:\WINDOWS\system32\SET5AF.tmp

2010-09-02 16:41:45 ----A---- C:\WINDOWS\system32\SET5AE.tmp

2010-09-02 16:41:45 ----A---- C:\WINDOWS\system32\SET5AD.tmp

2010-09-02 16:41:45 ----A---- C:\WINDOWS\system32\SET43D.tmp

2010-09-02 16:41:45 ----A---- C:\WINDOWS\system32\SET437.tmp

2010-09-02 16:41:45 ----A---- C:\WINDOWS\system32\SET436.tmp

2010-09-02 16:41:45 ----A---- C:\WINDOWS\system32\SET434.tmp

2010-09-02 16:41:45 ----A---- C:\WINDOWS\system32\SET353.tmp

2010-09-02 16:41:44 ----A---- C:\WINDOWS\system32\SET5BA.tmp

2010-09-02 16:41:44 ----A---- C:\WINDOWS\system32\SET5B9.tmp

2010-09-02 16:41:44 ----A---- C:\WINDOWS\system32\SET441.tmp

2010-09-02 16:41:44 ----A---- C:\WINDOWS\system32\SET360.tmp

2010-09-02 16:41:43 ----A---- C:\WINDOWS\system32\SET5BB.tmp

2010-09-02 16:41:43 ----A---- C:\WINDOWS\system32\SET442.tmp

2010-09-02 16:41:43 ----A---- C:\WINDOWS\system32\SET361.tmp

2010-09-02 16:41:42 ----N---- C:\WINDOWS\system32\SET1036.tmp

2010-09-02 16:41:42 ----A---- C:\WINDOWS\system32\SET1289.tmp

2010-09-02 16:41:42 ----A---- C:\WINDOWS\system32\SET1111.tmp

2010-09-02 16:41:42 ----A---- C:\WINDOWS\005531_.tmp

 

======List of files/folders modified in the last 1 months======

 

2010-09-12 01:14:29 ----A---- C:\WINDOWS\system.ini

2010-09-11 01:05:07 ----A---- C:\WINDOWS\win.ini

2010-09-02 14:59:07 ----RASH---- C:\NTDETECT.COM

2010-09-02 13:35:40 ----ASH---- C:\WINDOWS\fonts\desktop.ini

 

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R0 bdfsfltr;bdfsfltr; C:\WINDOWS\system32\DRIVERS\bdfsfltr.sys [2010-07-09 327368]

R0 ohci1394;VIA OHCI Compliant IEEE 1394 Host Controller; C:\WINDOWS\System32\DRIVERS\ohci1394.sys [2008-04-13 61696]

R1 Bdftdif;bdftdif; \??\C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdftdif.sys []

R1 BdRawPr;BdRawPr; C:\WINDOWS\system32\DRIVERS\bdrawpr.sys [2010-05-13 12960]

R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]

R2 Trufos;Trufos; C:\WINDOWS\system32\DRIVERS\Trufos.sys [2010-09-13 303008]

R3 AgereSoftModem;Agere Systems Soft Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2009-08-13 1163328]

R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]

R3 BDFM;BDFM; C:\WINDOWS\system32\DRIVERS\bdfm.sys [2010-04-22 149520]

R3 Bdfndisf;BitDefender Firewall NDIS Filter Service; \??\C:\Program Files\Common Files\BitDefender\BitDefender Firewall\bdfndisf.sys []

R3 bdselfpr;bdselfpr; \??\C:\Program Files\BitDefender\BitDefender 2011\bdselfpr.sys []

R3 CMISTOR;CMIUCR.SYS CM320/CM220 Card Reader Driver; C:\WINDOWS\system32\DRIVERS\cmiucr.SYS [2007-01-05 93056]

R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-08-19 3856896]

R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]

R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-09-23 3524640]

R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\System32\DRIVERS\RTL8139.SYS [2004-08-04 20992]

R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]

R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]

R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]

R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]

R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]

R3 XUIF;X10 USB Wireless Transceiver; C:\WINDOWS\System32\Drivers\x10ufx2.sys [2005-05-19 17792]

S3 MagicTune;MagicTune; C:\WINDOWS\system32\drivers\MTiCtwl.sys [2004-10-11 12062]

S3 RT2500USB;RT2500 USB Wireless LAN Driver; C:\WINDOWS\system32\DRIVERS\rt2500usb.sys [2005-01-07 147328]

S3 SANDRA;SANDRA; \??\C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\WNt500x86\Sandra.sys []

S4 avc3;avc3; C:\WINDOWS\system32\drivers\avc3.sys [2010-06-28 633424]

S4 avckf;avckf; C:\WINDOWS\system32\drivers\avckf.sys [2010-06-28 970320]

 

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

 

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-03-27 14336]

R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-09-12 153376]

R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]

R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-09-23 131139]

R2 Updatesrv;BitDefender Desktop Update Service; C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe [2010-08-10 42400]

R2 VSSERV;BitDefender Virus Shield; C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe [2010-09-09 1886576]

R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

S3 SandraAgentSrv;SiSoftware Deployment Agent Service; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\RpcAgentSrv.exe [2009-08-10 93848]

S3 Update Server;BitDefender Update Server v2; C:\Program Files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [2010-07-23 307544]

 

-----------------EOF-----------------


Hi ;)

 

Let's continue like this =>

 

Plug in all the removable media you own before running this scan (USB stick, external hard drive, etc.)

 

 

  • Right-click HERE
  • Choose Save target (link) as > a window opens >>
  • In the field to the right of "File name" at the bottom of the page, change the existing name (ComboFix.exe) to this >> André 46.exe
  • Save the file to the Desktop: to do so, click the Save button.
  • Make sure all programs are closed before launching the fix!
  • Double-click André 46.exe.
  • Note: Do not close the window that has just opened, or you would end up with an empty desktop!
  • When it runs, ComboFix will check whether the Microsoft Windows Recovery Console is installed. With infections like today's, it is strongly recommended to have it pre-installed on your PC before any malware removal. It will let you boot into a special recovery (repair) mode, which allows us to help you more easily if your computer ever runs into a problem after a cleanup attempt.
  • Follow the prompts to let ComboFix download and install the Microsoft Windows Recovery Console, and when asked, accept the End User License Agreement to install the Microsoft Windows Recovery Console.

 

**Important note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue with its malware removal procedures.

RcAuto1.gif

 

Once the Microsoft Windows Recovery Console has been installed via ComboFix, you should see the following message:

whatnext.png

  • Press the Y (Yes) key to continue with the malware scan.
  • When the scan is finished, a report will be generated: post its contents in your next message.
  • If the report is too long, post it in two parts.
  • If you do not see the report, you will find it here > C:\ComboFix.txt


Hello Thanos,

 

There, I have run ComboFix and I am attaching the report.

That said, I still have internet traffic :-?

 

ComboFix 10-09-14.01 - andre schroeven 15/09/2010 10:52:28.1.2 - x86

Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1022.647 [GMT 2:00]

Running from: c:\documents and settings\andre schroeven\Desktop\andre46.exe

AV: BitDefender Antivirus *On-access scanning disabled* (Updated) {6C4BB89C-B0ED-4F41-A29C-4373888923BB}

FW: BitDefender Pare-feu *disabled* {4055920F-2E99-48A8-A270-4243D2B8F242}

.

 

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

 

c:\windows\Downloaded Program Files\ODCTOOLS


 

.

((((((((((((((((((((((((( Files Created from 2010-08-15 to 2010-09-15 )))))))))))))))))))))))))))))))

.

 

2010-09-14 10:20 . 2010-09-14 10:21 -------- d-----w- C:\rsit

2010-09-13 21:54 . 2010-09-13 21:55 -------- d-----w- c:\program files\Common Files\Adobe

2010-09-13 10:08 . 2005-05-26 13:34 2297552 ----a-w- c:\windows\system32\d3dx9_26.dll

2010-09-13 10:03 . 2010-09-13 10:03 -------- d-----w- c:\windows\Logs

2010-09-13 10:02 . 2010-09-13 10:02 -------- d-----w- c:\program files\SiSoftware

2010-09-13 09:53 . 2010-09-13 09:53 -------- d-----w- c:\program files\LSI SoftModem

2010-09-12 11:52 . 2010-09-12 11:52 -------- d-----w- c:\windows\Sun

2010-09-12 11:51 . 2010-09-12 11:51 503808 ----a-w- c:\documents and settings\andre schroeven\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-675e7ee5-n\msvcp71.dll

2010-09-12 11:51 . 2010-09-12 11:51 12800 ----a-w- c:\documents and settings\andre schroeven\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-313fb5d1-n\decora-d3d.dll

2010-09-12 11:51 . 2010-09-12 11:51 61440 ----a-w- c:\documents and settings\andre schroeven\Application Data\Sun\Java\Deployment\SystemCache\6.0\42\4488892a-313fb5d1-n\decora-sse.dll

2010-09-12 11:51 . 2010-09-12 11:51 499712 ----a-w- c:\documents and settings\andre schroeven\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-675e7ee5-n\jmc.dll

2010-09-12 11:51 . 2010-09-12 11:51 348160 ----a-w- c:\documents and settings\andre schroeven\Application Data\Sun\Java\Deployment\SystemCache\6.0\4\7ec4bf04-675e7ee5-n\msvcr71.dll

2010-09-12 11:51 . 2010-09-12 11:51 -------- d-----w- c:\program files\Common Files\Java

2010-09-12 11:51 . 2010-09-12 11:51 411368 ----a-w- c:\windows\system32\deployJava1.dll

2010-09-12 11:51 . 2010-09-12 11:51 -------- d-----w- c:\program files\Java

2010-09-12 11:16 . 2010-09-12 11:18 -------- d-----w- c:\program files\CCleaner

2010-09-12 10:37 . 2010-09-12 10:37 -------- d-----w- c:\documents and settings\andre schroeven\Application Data\Hulubulu

2010-09-12 10:37 . 2010-09-12 10:37 -------- d-----w- c:\program files\Advanced Renamer

2010-09-12 08:09 . 2010-09-12 08:09 -------- d-----w- c:\program files\Common Files\Borland Shared

2010-09-12 08:09 . 1999-01-20 03:01 210032 ----a-w- c:\windows\system32\DBCLIENT.DLL

2010-09-12 08:09 . 2010-09-12 10:04 -------- d-----w- c:\program files\ZebHelpProcess

2010-09-12 08:00 . 2010-09-12 09:42 -------- d-----w- c:\program files\ZHPDiag

2010-09-12 07:50 . 2010-09-14 10:20 -------- d-----w- c:\program files\Trend Micro

2010-09-12 07:50 . 2010-09-12 07:50 388096 ----a-r- c:\documents and settings\andre schroeven\Application Data\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2010-09-11 15:08 . 2010-09-11 15:08 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE

2010-09-11 11:38 . 2010-09-11 11:38 -------- d-----w- c:\documents and settings\Administrator\Application Data\QuickScan

2010-09-09 10:12 . 2010-09-09 10:20 -------- d-----w- c:\documents and settings\andre schroeven\Bureau

2010-09-09 10:12 . 2010-09-09 10:20 -------- d-----w- C:\Get-Rapports-2009

2010-09-07 14:49 . 2010-09-07 14:49 -------- d-----w- c:\documents and settings\NetworkService\Application Data\QuickScan

2010-09-07 10:55 . 2010-09-07 10:55 -------- d-----w- c:\documents and settings\andre schroeven\.Philips

2010-09-07 10:54 . 2010-09-07 10:54 -------- d-----w- c:\program files\Common Files\i4j_jres

2010-09-07 10:53 . 2010-09-07 10:53 -------- d-----w- c:\program files\Philips

2010-09-07 08:56 . 2010-09-07 08:56 -------- d--h--w- c:\windows\PIF

2010-09-06 15:02 . 2010-09-06 15:02 -------- d-----w- c:\documents and settings\All Users\Application Data\bdch

2010-09-06 07:19 . 2010-09-06 07:19 -------- d-----w- c:\documents and settings\andre schroeven\Application Data\Malwarebytes

2010-09-06 07:18 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-09-06 07:18 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-09-06 07:18 . 2010-09-06 07:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2010-09-06 07:18 . 2010-09-07 12:23 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-09-05 20:37 . 2010-09-05 20:37 -------- d-----w- c:\documents and settings\LocalService\Application Data\QuickScan

2010-09-05 20:31 . 2010-09-05 20:31 -------- d-----w- c:\documents and settings\andre schroeven\Application Data\BitDefender

2010-09-05 20:21 . 2010-09-05 20:21 -------- d-----w- c:\documents and settings\andre schroeven\Application Data\QuickScan

2010-09-05 20:11 . 2010-07-09 13:08 327368 ----a-w- c:\windows\system32\drivers\bdfsfltr.sys

2010-09-05 19:46 . 2010-09-14 12:05 253072 ----a-w- c:\windows\system32\drivers\trufos.sys

2010-09-05 19:46 . 2010-05-13 15:02 12960 ----a-w- c:\windows\system32\drivers\bdrawpr.sys

2010-09-05 13:57 . 2010-09-05 13:57 -------- d-----w- c:\documents and settings\andre schroeven\Application Data\Canon

2010-09-05 13:02 . 2010-09-05 13:02 -------- d-----w- c:\documents and settings\andre schroeven\WINDOWS

2010-09-04 22:19 . 2010-09-05 06:10 -------- d-----w- c:\windows\system32\Lang

2010-09-04 22:18 . 2008-04-13 18:45 6272 ----a-w- c:\windows\system32\drivers\splitter.sys

2010-09-04 22:18 . 2008-04-13 19:17 83072 ----a-w- c:\windows\system32\drivers\wdmaud.sys

2010-09-04 22:18 . 2008-04-13 18:45 52864 ----a-w- c:\windows\system32\drivers\dmusic.sys

2010-09-04 22:17 . 2008-04-13 18:45 56576 ----a-w- c:\windows\system32\drivers\swmidi.sys

2010-09-04 22:17 . 2008-04-13 16:39 142592 ----a-w- c:\windows\system32\drivers\aec.sys

2010-09-04 22:17 . 2008-04-13 18:45 172416 ----a-w- c:\windows\system32\drivers\kmixer.sys

2010-09-04 22:17 . 2008-04-13 18:45 2944 ----a-w- c:\windows\system32\drivers\drmkaud.sys

2010-09-04 22:17 . 2008-04-13 19:15 60800 ----a-w- c:\windows\system32\drivers\sysaudio.sys

2010-09-04 22:11 . 2005-08-18 22:35 3856896 ----a-w- c:\windows\system32\drivers\RtkHDAud.sys

2010-09-04 22:11 . 2005-08-15 22:34 9703424 ----a-w- c:\windows\RTLCPL.EXE

2010-09-04 22:11 . 2005-07-15 23:48 40960 ----a-w- c:\windows\system32\ChCfg.exe

2010-09-04 22:11 . 2010-09-04 22:11 -------- d-----w- c:\program files\Realtek

2010-09-04 22:10 . 2005-04-17 05:20 487424 ----a-w- c:\windows\RtlExUpd.dll

2010-09-04 21:50 . 2010-09-13 21:52 -------- d-----w- c:\documents and settings\andre schroeven\Local Settings\Application Data\Adobe

2010-09-04 17:52 . 1998-11-13 11:16 308224 ----a-w- c:\windows\IsUn040c.exe

2010-09-04 11:50 . 2009-10-20 16:20 265728 ----a-w- c:\windows\system32\drivers\http.sys

2010-09-04 11:48 . 2008-06-13 11:05 272128 ------w- c:\windows\system32\drivers\bthport.sys

2010-09-04 11:40 . 2008-04-13 19:19 51328 ----a-w- c:\windows\system32\drivers\rasl2tp.sys

2010-09-03 22:03 . 2010-09-03 22:03 -------- d-----w- c:\program files\Microsoft CAPICOM 2.1.0.2

2010-09-03 21:49 . 2010-09-03 21:49 -------- d-----w- c:\program files\MSXML 4.0

2010-09-03 21:47 . 2001-02-06 13:29 65536 ----a-w- c:\windows\system32\Gif89.dll

2010-09-03 21:46 . 2004-10-01 16:37 36864 ----a-w- c:\windows\system32\nvapi9x.dll

2010-09-03 21:46 . 2004-09-28 16:05 40960 ----a-w- c:\windows\system32\nvgpio.dll

2010-09-03 21:46 . 2004-10-11 12:08 12062 ----a-w- c:\windows\system32\drivers\MTiCtwl.sys

2010-09-03 21:45 . 2010-09-03 21:47 -------- d-----w- c:\program files\SEC

2010-09-03 21:19 . 2010-09-03 21:19 -------- d-----w- c:\documents and settings\All Users\Application Data\NVIDIA

2010-09-03 21:16 . 2010-09-03 21:22 -------- d-----w- c:\windows\nview

2010-09-03 21:16 . 2005-09-22 22:21 180224 ----a-w- c:\windows\system32\nvudisp.exe

2010-09-03 21:15 . 2005-09-22 14:38 180224 ----a-w- c:\windows\system32\NVUNINST.EXE

2010-09-03 14:09 . 2010-09-03 14:09 -------- d-----w- c:\documents and settings\All Users\Application Data\Alfac

2010-09-03 14:09 . 2010-09-03 14:09 -------- d-----w- c:\program files\DECAdry

2010-09-03 13:57 . 2010-06-20 02:21 214016 ----a-w- c:\documents and settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}\components\calbscmp.dll

2010-09-03 13:25 . 2010-05-25 14:43 10320 ----a-w- c:\documents and settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\Mail\Local Folders\Dossiers personnels.sbd\Hôtes.sbd\vlaamsechambresdhotes.com

2010-09-03 13:25 . 2010-02-24 17:12 2533221 ----a-w- c:\documents and settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\Mail\Local Folders\Dossiers personnels.sbd\Hôtes.sbd\petitfute.com

2010-09-03 13:25 . 2010-02-07 17:59 12022 ----a-w- c:\documents and settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\Mail\Local Folders\Dossiers personnels.sbd\Hôtes.sbd\logeerbijbelgen.com

2010-09-03 13:24 . 2010-09-04 09:01 197661 ----a-w- c:\documents and settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\Mail\Local Folders\Dossiers personnels.sbd\Hôtes.sbd\france-voyages.com

2010-09-03 13:24 . 2010-08-29 20:58 25308 ----a-w- c:\documents and settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\Mail\Local Folders\Dossiers personnels.sbd\Hôtes.sbd\bestchambresdhotes.com

2010-09-03 13:24 . 2010-06-28 07:55 8235 ----a-w- c:\documents and settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\Mail\Local Folders\Dossiers personnels.sbd\Hôtes.sbd\chambresdhotesfrance.com

2010-09-03 13:24 . 2010-04-26 14:15 50680 ----a-w- c:\documents and settings\andre schroeven\Application Data\Thunderbird\Profiles\lljj41dn.default\Mail\Local Folders\Dossiers personnels.sbd\Hôtes.sbd\charmelogies.com

2010-09-03 11:10 . 2009-08-06 17:23 274288 ----a-w- c:\windows\system32\mucltui.dll

2010-09-03 10:58 . 2010-09-08 17:20 -------- d-----w- c:\documents and settings\andre schroeven\Local Settings\Application Data\Thunderbird

2010-09-03 10:58 . 2010-09-03 10:58 -------- d-----w- c:\documents and settings\andre schroeven\Application Data\Thunderbird

2010-09-03 10:40 . 2010-09-03 10:40 -------- d-----w- c:\documents and settings\andre schroeven\Local Settings\Application Data\Scansoft

2010-09-03 10:16 . 2004-08-04 06:00 71040 ------w- c:\windows\system32\drivers\_003646_.tmp.dll

2010-09-03 07:18 . 2010-09-03 07:18 -------- d-sh--w- c:\documents and settings\andre schroeven\PrivacIE

2010-09-03 07:16 . 2010-09-03 07:16 -------- d-----w- c:\documents and settings\All Users\Application Data\InstallShield

2010-09-03 07:16 . 2010-09-03 07:16 -------- d-----w- c:\documents and settings\andre schroeven\Application Data\ScanSoft

2010-09-03 07:16 . 2010-09-03 07:16 -------- d-----w- c:\documents and settings\All Users\Application Data\ScanSoft

2010-09-03 07:16 . 2010-09-03 07:16 -------- d-----w- c:\program files\Common Files\ScanSoft Shared

2010-09-03 07:15 . 2010-09-03 07:15 -------- d-----w- c:\program files\ScanSoft

2010-09-03 07:14 . 2010-09-05 14:18 -------- d--h--w- c:\program files\InstallShield Installation Information

2010-09-03 07:14 . 2010-09-03 07:14 -------- d-----w- c:\program files\ArcSoft

2010-09-03 07:14 . 1995-07-31 11:44 212480 ----a-w- c:\windows\PCDLIB32.DLL

2010-09-03 07:14 . 2010-09-03 21:15 -------- d-----w- c:\program files\Common Files\InstallShield

2010-09-03 07:12 . 2003-09-18 12:32 499712 ----a-w- c:\windows\system32\msvcp71.dll

2010-09-03 07:12 . 2003-09-18 12:32 348160 ----a-w- c:\windows\system32\msvcr71.dll

2010-09-03 07:12 . 2003-09-18 12:32 1060864 ----a-w- c:\windows\system32\MFC71.dll

2010-09-03 07:12 . 1998-10-29 14:45 306688 ----a-w- c:\windows\IsUninst.exe

2010-09-03 07:11 . 2010-09-03 07:11 -------- d--h--w- c:\documents and settings\All Users\Application Data\CanonBJ

2010-09-03 07:11 . 2006-09-12 20:00 69632 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPP87.DLL

2010-09-03 07:11 . 2006-09-12 20:00 27136 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\CNMPD87.DLL

2010-09-03 07:11 . 2006-09-12 20:00 197632 ----a-w- c:\windows\system32\CNMLM87.DLL

2010-09-03 07:11 . 2010-09-03 07:11 -------- d--h--w- c:\windows\system32\CanonIJ Uninstaller Information

2010-09-03 07:10 . 2006-06-29 05:29 106496 ----a-w- c:\windows\system32\cnco600.dll

2010-09-03 07:10 . 2006-05-26 01:54 135168 ----a-w- c:\windows\system32\CNCL600.DLL

2010-09-03 07:10 . 2006-07-20 06:51 1298432 ----a-w- c:\windows\system32\CNCC600.DLL

2010-09-03 07:10 . 2006-07-20 06:51 57344 ----a-w- c:\windows\system32\CNCI600.DLL

2010-09-03 07:10 . 2010-09-03 07:10 -------- d--h--w- c:\program files\CanonBJ

2010-09-03 07:09 . 2010-09-05 14:19 -------- d-----w- c:\program files\Canon

2010-09-02 22:02 . 2007-04-09 11:23 28552 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\mdippr.dll

2010-09-02 22:02 . 2007-04-09 11:23 28040 ----a-w- c:\windows\system32\mdimon.dll

2010-09-02 22:00 . 2010-09-02 22:00 -------- d-----w- c:\program files\Microsoft.NET

2010-09-02 21:58 . 2010-09-03 21:54 -------- d-----w- c:\program files\Microsoft Works

2010-09-02 21:57 . 2010-09-02 22:00 -------- d-----w- c:\windows\SHELLNEW

2010-09-02 21:53 . 2010-09-02 21:53 -------- d-----r- C:\MSOCache

2010-09-02 21:51 . 2010-09-02 21:51 -------- d-----w- c:\documents and settings\andre schroeven\Application Data\MozBackup

2010-09-02 21:41 . 2010-09-13 22:02 -------- d-----w- c:\program files\Mozilla Thunderbird

 

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2010-09-13 10:14 . 2010-09-13 10:14 0 ----a-w- c:\documents and settings\All Users\Application Data\xml112.tmp

2010-09-13 10:14 . 2010-09-13 10:14 0 ----a-w- c:\documents and settings\All Users\Application Data\xml111.tmp

2010-09-13 10:14 . 2010-09-13 10:14 13420 ----a-w- c:\documents and settings\All Users\Application Data\xml110.tmp

2010-09-13 10:14 . 2010-09-13 10:14 10390 ----a-w- c:\documents and settings\All Users\Application Data\xml10F.tmp

2010-09-11 11:37 . 2010-09-11 11:37 -------- d-----w- c:\documents and settings\Administrator\Application Data\BitDefender

2010-09-10 22:24 . 2010-09-02 11:35 86327 ----a-w- c:\windows\PCHEALTH\HELPCTR\OfflineCache\index.dat

2010-09-05 20:37 . 2010-09-05 19:46 511157 ----a-w- c:\documents and settings\All Users\Application Data\bdinstall.bin

2010-09-04 22:11 . 2010-09-04 22:11 294912 ----a-w- c:\windows\HideWin.exe

2010-09-04 17:53 . 2010-09-04 17:53 -------- d-----w- c:\program files\ING

2010-09-02 14:41 . 2010-09-02 14:41 0 ----a-w- c:\windows\nsreg.dat

2010-09-02 11:36 . 2010-09-02 11:36 -------- d-----w- c:\program files\microsoft frontpage

2010-09-02 11:33 . 2010-09-02 11:33 21640 ----a-w- c:\windows\system32\emptyregdb.dat

2010-07-31 15:37 . 2010-09-02 14:50 3862016 ----a-w- c:\documents and settings\andre schroeven\Application Data\Mozilla\Firefox\Profiles\403cwarl.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\SSS.dll

2010-07-28 18:52 . 2010-09-02 14:50 24576 ----a-w- c:\documents and settings\andre schroeven\Application Data\Mozilla\Firefox\Profiles\403cwarl.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\platform\WINNT_x86-msvc\components\SSSLauncher.dll

2010-07-23 15:22 . 2010-09-02 14:50 1496064 ----a-w- c:\documents and settings\andre schroeven\Application Data\Mozilla\Firefox\Profiles\403cwarl.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\frozen.dll

2010-07-23 15:22 . 2010-09-02 14:50 338944 ----a-w- c:\documents and settings\andre schroeven\Application Data\Mozilla\Firefox\Profiles\403cwarl.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff2.dll

2010-07-23 15:22 . 2010-09-02 14:50 43008 ----a-w- c:\documents and settings\andre schroeven\Application Data\Mozilla\Firefox\Profiles\403cwarl.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\components\googletoolbarloader.dll

2010-07-23 15:22 . 2010-09-02 14:50 346112 ----a-w- c:\documents and settings\andre schroeven\Application Data\Mozilla\Firefox\Profiles\403cwarl.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}\libraries\googletoolbar-ff3.dll

2010-07-08 08:37 . 2010-07-08 08:37 101544 ----a-w- c:\program files\Common Files\LinkInstaller.exe

2010-06-30 12:31 . 2010-09-04 11:41 149504 ----a-w- c:\windows\system32\schannel.dll

2010-06-28 10:55 . 2010-06-28 10:55 970320 ----a-w- c:\windows\system32\drivers\avckf.sys

2010-06-28 10:55 . 2010-06-28 10:55 633424 ----a-w- c:\windows\system32\drivers\avc3.sys

2010-06-25 01:37 . 2010-09-02 14:50 110592 ----a-w- c:\documents and settings\andre schroeven\Application Data\Mozilla\Firefox\Profiles\403cwarl.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}\library\FSAddin.dll

2010-06-24 12:22 . 2001-08-23 12:00 916480 ----a-w- c:\windows\system32\wininet.dll

2010-06-23 13:44 . 2010-09-04 11:41 1851904 ----a-w- c:\windows\system32\win32k.sys

2010-06-21 15:27 . 2010-09-04 11:40 354304 ----a-w- c:\windows\system32\drivers\srv.sys

2010-06-18 14:11 . 2010-06-18 14:11 111696 ----a-w- c:\windows\system32\drivers\bdfndisf.sys

2010-06-17 14:03 . 2001-08-23 12:00 80384 ----a-w- c:\windows\system32\iccvid.dll

.

 

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

 

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2005-09-22 7282688]

"NvMediaCenter"="NvMCTray.dll" [2005-09-22 86016]

"BitDefender Antiphishing Helper"="c:\program files\BitDefender\BitDefender 2011\ieshow.exe" [2010-08-10 71216]

"BDAgent"="c:\program files\BitDefender\BitDefender 2011\bdagent.exe" [2010-09-09 1405072]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]

"CmUCRRun"="c:\windows\system32\CmUCReye.exe" [2006-07-12 237568]

"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-06-20 35760]

"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-06-09 976832]

 

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\System32\CTFMON.EXE" [2008-04-14 15360]

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Color Calibration.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Color Calibration.lnk

backup=c:\windows\pss\Color Calibration.lnkCommon Startup

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^MagicTune3.6.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\MagicTune3.6.lnk

backup=c:\windows\pss\MagicTune3.6.lnkCommon Startup

 

[HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^NaturalColorLoad.lnk]

path=c:\documents and settings\All Users\Start Menu\Programs\Startup\NaturalColorLoad.lnk

backup=c:\windows\pss\NaturalColorLoad.lnkCommon Startup

 

[HKLM\~\startupfolder\C:^Documents and Settings^andre schroeven^Start Menu^Programs^Startup^Notification de cadeaux MSN.lnk]

path=c:\documents and settings\andre schroeven\Start Menu\Programs\Startup\Notification de cadeaux MSN.lnk

backup=c:\windows\pss\Notification de cadeaux MSN.lnkStartup

 

[HKLM\~\startupfolder\C:^Documents and Settings^andre schroeven^Start Menu^Programs^Startup^Philips Media Manager.lnk]

path=c:\documents and settings\andre schroeven\Start Menu\Programs\Startup\Philips Media Manager.lnk

backup=c:\windows\pss\Philips Media Manager.lnkStartup

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM]

2010-06-09 08:06 976832 ----a-r- c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]

2010-06-20 02:04 35760 ----a-w- c:\program files\Adobe\Reader 9.0\Reader\reader_sl.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]

2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]

2005-09-22 22:21 1519616 ----a-w- c:\windows\system32\nwiz.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE4]

2006-10-11 10:45 75304 ----a-w- c:\program files\ScanSoft\OmniPageSE4.0\OpWareSE4.exe

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]

2005-08-18 14:20 14820864 ----a-w- c:\windows\RTHDCPL.EXE

 

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]

2006-09-28 11:16 185896 ----a-w- c:\program files\Common Files\ScanSoft Shared\SSBkgdUpdate\SSBkgdUpdate.exe

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\system32\\sessmgr.exe"=

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2010.SP2\\RpcAgentSrv.exe"=

"c:\\Program Files\\SiSoftware\\SiSoftware Sandra Lite 2010.SP2\\WNt500x86\\RpcSandraSrv.exe"=

 

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]

"AllowInboundEchoRequest"= 1 (0x1)

 

R1 BdRawPr;BdRawPr;c:\windows\system32\drivers\bdrawpr.sys [05/09/2010 21:46 12960]

R2 Updatesrv;BitDefender Desktop Update Service;c:\program files\BitDefender\BitDefender 2011\updatesrv.exe [10/08/2010 13:59 42400]

R3 BDFM;BDFM;c:\windows\system32\drivers\bdfm.sys [22/04/2010 13:19 149520]

R3 Bdfndisf;BitDefender Firewall NDIS Filter Service;c:\program files\Common Files\BitDefender\BitDefender Firewall\bdfndisf.sys [18/06/2010 16:11 111696]

R3 CMISTOR;CMIUCR.SYS CM320/CM220 Card Reader Driver;c:\windows\system32\drivers\cmiucr.SYS [05/01/2007 17:21 93056]

S3 SandraAgentSrv;SiSoftware Deployment Agent Service;c:\program files\SiSoftware\SiSoftware Sandra Lite 2010.SP2\RpcAgentSrv.exe [13/09/2010 12:02 93848]

S3 Update Server;BitDefender Update Server v2;c:\program files\Common Files\BitDefender\BitDefender Arrakis Server\bin\arrakis3.exe [23/07/2010 09:51 307544]

S4 avc3;avc3;c:\windows\system32\drivers\avc3.sys [28/06/2010 12:55 633424]

S4 avckf;avckf;c:\windows\system32\drivers\avckf.sys [28/06/2010 12:55 970320]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://www.msn.com

IE: E&xporter vers Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000

IE: Easy-WebPrint Add To Print List - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html

IE: Easy-WebPrint High Speed Print - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html

IE: Easy-WebPrint Preview - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html

IE: Easy-WebPrint Print - c:\program files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html

FF - ProfilePath - c:\documents and settings\andre schroeven\Application Data\Mozilla\Firefox\Profiles\403cwarl.default\

FF - prefs.js: browser.search.defaulturl - hxxp://www.bing.com/search?FORM=BO2TDF&PC=B8MS&q=

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://www.orange.fr/

FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=BO2TDF&PC=B8MS&q=

FF - plugin: c:\program files\Java\jre6\bin\new_plugin\npdeployJava1.dll

 

---- FIREFOX POLICIES ----

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbaam7a8h", true);

c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true);

c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false);

.

- - - - ORPHANS REMOVED - - - -

 

MSConfigStartUp-Bing Bar - c:\program files\MSN Toolbar\Platform\5.0.1449.0\mswinext.exe

MSConfigStartUp-Microsoft Default Manager - c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe

AddRemove-LSI Soft Modem - c:\windows\agrsmdel

 

 

 

**************************************************************************

 

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover

Rootkit scan 2010-09-15 11:05

Windows 5.1.2600 Service Pack 3 NTFS

 

scanning hidden processes ...

 

scanning hidden autostart entries ...

 

scanning hidden files ...

 

scan completed successfully

hidden files: 0

 

**************************************************************************

.

--------------------- LOCKED REGISTRY KEYS ---------------------

 

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\Installer\UserData\LocalSystem\Components\ð•€|ÿÿÿÿ.•€|þ»Ôw*]

"C0403E1900063D11C8EF10054038389C"="C?\\WINDOWS\\system32\\FM20ENU.DLL"

.

--------------------- DLLs Loaded Under Running Processes ---------------------

 

- - - - - - - > 'explorer.exe'(1364)

c:\windows\system32\WININET.dll

c:\program files\BitDefender\BitDefender 2011\pchook32.dll

c:\windows\system32\ieframe.dll

c:\windows\system32\webcheck.dll

.

------------------------ Other Running Processes ------------------------

.

c:\program files\LSI SoftModem\agrsmsvc.exe

c:\program files\Java\jre6\bin\jqs.exe

c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

c:\windows\system32\nvsvc32.exe

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

.

**************************************************************************

.

Completion time: 2010-09-15 11:09:27 - machine was rebooted

ComboFix-quarantined-files.txt 2010-09-15 09:09

 

Pre-Run: 69 982 990 336 bytes free

Post-Run: 70 594 330 624 bytes free

 

WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe

[boot loader]

timeout=2

default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS

[operating systems]

c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons

UnsupportedDebug="do not select this" /debug

multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /fastdetect /NoExecute=OptIn

 

- - End Of File - - A03E75C2AFF4DC4C4F0E458C86D32144


Hi ;)

Tell me: is your PC part of a network?

 

Hello Thanos, ;)

Indeed, I set up a small network with my wife's PC, which runs Mandriva Linux.

But that was not set up yesterday and, before reinstalling XP, I did not have this problem of constant internet traffic.

Thank you for the time you are giving me.

André

Edited by André 46

Hi again!

OK. Is your BitDefender firewall active? I assume you don't use any P2P software?

We are going to run a somewhat deeper scan, because the ComboFix one no longer shows anything worrying =>

Download GMER Rootkit Scanner

  • Click the "Download EXE" button.
  • Save it to your Desktop.
  • Paste and save these instructions in a text file, or print them, because you will have to close the browser.
  • Close any open browser windows and any other open program, because the scan can crash the PC.
  • Launch the downloaded file (its name is made of 8 random digits/letters) by double-clicking it.
  • If the tool warns you of rootkit activity and asks you to run a scan, click "NO".
  • Now click the btnScan.png button and wait (this can take 10 minutes or more).
  • When the scan has finished, click the btnSave.png button (bottom right).
  • Name the file "Ark.txt" and save it to the Desktop.
  • Copy/paste the contents of this report into your reply.



Hello Thanos,

You assume correctly, I don't use any P2P software.

As for the scan with GMER Rootkit Scanner, a little patience...

I have already had to restart it several times.

- at the end of the scan the PC freezes, with no way to save the report.

- during the scan, I get error messages such as "Drwtsn32.exe this application failed to initialise properly (ox0000005) click on OK to terminate the application". I click OK and the scan continues, then suddenly the PC shuts down and restarts.

- I have had other error messages where I had to click OK to continue the program or Cancel to debug it.

- a scan takes more than 3 hours.

I disabled Bitdefender before scanning.

I am going to try again with the screen saver turned off.

I will get back to you as soon as I have managed to run a proper scan.

André

Edited by André 46